u635233936.ha003.t.justns.ru
2a00:b700::28  Malicious Activity!

Submitted URL: http://2.mazavile.fr/
Effective URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Submission: On March 06 (2020, per the Date headers in the responses below) via manual from FR

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2a00:b700::28, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u635233936.ha003.t.justns.ru.
This is the only time u635233936.ha003.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address        AS (Autonomous System)   Requests
77.111.240.191    51468 (ONECOM)           1
13.70.82.195      8075 (MICROSOFT...)      1
2a00:b700::28     51659 (ASBAXET)          29
Totals as reported by the scanner: 28 transactions, 2 IPs

Apex Domain            Subdomain                       Requests  Transfer
justns.ru              u635233936.ha003.t.justns.ru    29        370 KB
oxfordlawyers.com.au   www.oxfordlawyers.com.au        1         650 B
mazavile.fr            2.mazavile.fr                   1         399 B
Totals: 28 transactions, 3 domains

Domain                          Requests  Requested by
u635233936.ha003.t.justns.ru    29        2 redirects; www.oxfordlawyers.com.au; u635233936.ha003.t.justns.ru
www.oxfordlawyers.com.au        1
2.mazavile.fr                   1         1 redirects
Totals: 28 transactions, 3 domains

This site contains links to these domains:

  toutsurmabanque.bnpparibas.net

The outbound link goes to the legitimate BNP Paribas domain, which is what a cloned login page typically keeps from the original markup.

TLS certificates: none observed. Every request in this scan, the lure, the intermediate hop and the final page, went over plain HTTP (see 0 % HTTPS under Page Statistics).

This page contains 1 frames:

Primary Page: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Frame ID: DBA49221D8C5EF546338EF32F4697399
Requests: 28 HTTP requests in this frame

Detected technologies

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

The match comes from the Server: Apache header on the www.oxfordlawyers.com.au hop. The host that actually serves the phishing page, u635233936.ha003.t.justns.ru, answers every request with Server: LiteSpeed, so the detection describes the intermediate site, not the kit's hosting.

Page Statistics

  Requests    28
  HTTPS       0 %
  IPv6        33 %
  Domains     3
  Subdomains  3
  IPs         2
  Countries   3
  Transfer    370 kB
  Size        1204 kB
  Cookies     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2.mazavile.fr/ HTTP 302
    http://www.oxfordlawyers.com.au/wp-content/dsp/ Page URL
  2. http://u635233936.ha003.t.justns.ru/cb/p/ HTTP 302
    http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a HTTP 301
    http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/ Page URL

The step from www.oxfordlawyers.com.au/wp-content/dsp/ (a 111-byte document) to u635233936.ha003.t.justns.ru/cb/p/ carries no HTTP status, so it was a client-side redirect. The kit then answers /cb/p/ with a 302 into a directory named by a 32-character hex token and a 301 that adds the trailing slash. Three hosts in three countries (a .fr domain, a /wp-content/ path on an Australian law firm's site, and a Russian hosting customer) separate the lure URL from the page that finally renders, which is why blocking only the submitted URL would miss the kit.
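The hop list above mixes HTTP redirects with a client-side one, and the technology detection further up rests on a single Server-header pattern. The Python below is an added example, not urlscan's code: it walks a redirect chain the same way (3xx Location, then a meta refresh, then a JavaScript location assignment), fingerprints each hop's Server header with the Apache pattern quoted under Detected technologies, and stops on loops. The responses are constructed to mirror this scan; the scan does not record which client-side mechanism the www.oxfordlawyers.com.au page used, so the meta refresh there, and the LiteSpeed pattern, are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional
from urllib.parse import urljoin

# Server-header fingerprints. The Apache pattern is the one urlscan reports on this
# page; the LiteSpeed pattern is an assumption added for this example.
SERVER_PATTERNS = {
    "Apache": re.compile(r"(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)", re.I),
    "LiteSpeed": re.compile(r"^LiteSpeed(?:\/([\d.]+))?", re.I),
}
# Client-side redirect forms: <meta http-equiv="refresh" content="0;url=..."> and
# location = "..." / location.href = "..." / location.replace("...").
META_REFRESH = re.compile(
    r"<meta[^>]+http-equiv=[\"']?refresh[\"']?[^>]+content=[\"']?\s*\d+\s*;\s*url=([^\"'>\s]+)", re.I)
JS_LOCATION = re.compile(
    r"location(?:\.href)?\s*=\s*[\"']([^\"']+)[\"']|location\.(?:replace|assign)\(\s*[\"']([^\"']+)[\"']", re.I)


@dataclass
class Response:
    status: int
    headers: Dict[str, str]
    body: str = ""


@dataclass
class Hop:
    url: str
    status: int
    kind: str                 # "http", "meta", "js", "final" or "loop"
    software: Optional[str]   # fingerprint of the Server header, if any


def fingerprint(server_header: str) -> Optional[str]:
    """Apply the Server-header patterns; return "Name" or "Name/version", or None."""
    for name, pattern in SERVER_PATTERNS.items():
        m = pattern.search(server_header)
        if m:
            version = m.group(1)
            return f"{name}/{version}" if version else name
    return None


def trace(fetch: Callable[[str], Response], url: str, max_hops: int = 10) -> List[Hop]:
    """Follow HTTP and client-side redirects from url, recording one Hop per document."""
    hops: List[Hop] = []
    seen = set()
    while len(hops) < max_hops:
        if url in seen:                       # redirect loop: record it and stop
            hops.append(Hop(url, 0, "loop", None))
            break
        seen.add(url)
        resp = fetch(url)
        software = fingerprint(resp.headers.get("Server", ""))
        location = resp.headers.get("Location")
        if 300 <= resp.status < 400 and location:
            hops.append(Hop(url, resp.status, "http", software))
            url = urljoin(url, location)      # Location may be relative
            continue
        m = META_REFRESH.search(resp.body)
        if m:
            hops.append(Hop(url, resp.status, "meta", software))
            url = urljoin(url, m.group(1))
            continue
        m = JS_LOCATION.search(resp.body)
        if m:
            hops.append(Hop(url, resp.status, "js", software))
            url = urljoin(url, next(g for g in m.groups() if g))
            continue
        hops.append(Hop(url, resp.status, "final", software))
        break
    return hops


KIT = "http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a"
# Constructed responses modelled on this scan's URL history. The scan does not record
# how the oxfordlawyers.com.au page handed off to the kit; a meta refresh is assumed.
SAMPLE = {
    "http://2.mazavile.fr/": Response(302, {
        "Location": "http://www.oxfordlawyers.com.au/wp-content/dsp/",
        "Via": "1.1 varnish (Varnish/6.3)"}),
    "http://www.oxfordlawyers.com.au/wp-content/dsp/": Response(200, {"Server": "Apache"},
        '<meta http-equiv="refresh" content="0;url=http://u635233936.ha003.t.justns.ru/cb/p/">'),
    "http://u635233936.ha003.t.justns.ru/cb/p/": Response(302, {"Server": "LiteSpeed", "Location": KIT}),
    KIT: Response(301, {"Server": "LiteSpeed", "Location": KIT + "/"}),
    KIT + "/": Response(200, {"Server": "LiteSpeed"}, "<html><body><form>...</form></body></html>"),
}


def trace_sample() -> List[Hop]:
    """Run the tracer over the constructed responses (offline)."""
    return trace(lambda u: SAMPLE[u], "http://2.mazavile.fr/")


if __name__ == "__main__":
    for hop in trace_sample():
        print(f"{hop.status:>3} {hop.kind:<5} {hop.software or '-':<10} {hop.url}")
```

Against a live chain, replace the lambda with a function that performs a GET without following redirects (for example urllib with a no-redirect handler) so that each 3xx is seen rather than swallowed; the Hop list then gives you every URL, status and server fingerprint to block or pivot on, not just the first and last.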

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://2.mazavile.fr/ HTTP 302
  • http://www.oxfordlawyers.com.au/wp-content/dsp/

28 HTTP transactions

Each entry below lists: Resource, Path, Size, x-fer, Type (MIME-Type), followed by its request and response headers.
/
www.oxfordlawyers.com.au/wp-content/dsp/
Redirect Chain
  • http://2.mazavile.fr/
  • http://www.oxfordlawyers.com.au/wp-content/dsp/
111 B
650 B
Document
General
Full URL
http://www.oxfordlawyers.com.au/wp-content/dsp/
Protocol
HTTP/1.1
Server
13.70.82.195 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
bb7e627638f4de5b8843dd207fa19e600962d8ec686e94af675a02299d0987e1
Security Headers
Name Value
Content-Security-Policy default-src http: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
www.oxfordlawyers.com.au
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 06 Mar 2020 10:37:31 GMT
Server
Apache
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Feature-Policy
vibrate 'self'; sync-xhr 'self' http://oxfordlawyers.com.au
Content-Security-Policy
default-src http: data: 'unsafe-inline' 'unsafe-eval'
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
Content-Length
117
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Cache-Control
max-age:600, public
Content-Length
182
Expires
Fri, 06 Mar 2020 10:38:50 GMT
Last-Modified
Fri, 06 Mar 2020 10:28:50 GMT
Location
http://www.oxfordlawyers.com.au/wp-content/dsp/
Date
Fri, 06 Mar 2020 10:28:50 GMT
Content-Type
text/html; charset=utf-8
X-Varnish
308380920 307134815
Age
519
Via
1.1 varnish (Varnish/6.3)
Connection
keep-alive
Primary Request /
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Redirect Chain
  • http://u635233936.ha003.t.justns.ru/cb/p/
  • http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a
  • http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
16 KB
5 KB
Document
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Requested by
Host: www.oxfordlawyers.com.au
URL: http://www.oxfordlawyers.com.au/wp-content/dsp/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b23d3e1f7eff8da99ca6ff524c1498f55e42dc7e6f67ea833db8bb62b31574d8

Request headers

Host
u635233936.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.oxfordlawyers.com.au/wp-content/dsp/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
Content-Type
text/html
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Etag
"408c-5e6227ec-c813ead58f3d1e73;gz"
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Content-Length
705
Date
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Location
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Vary
User-Agent
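Every LiteSpeed response in this scan carries an ETag of the form "408c-5e6227ec-c813ead58f3d1e73;gz" and a Last-Modified equal to the Date header. The Python below is an added example, not part of the scan or of LiteSpeed, that decodes the ETag on the assumption that its first two fields are the file size and modification time in hex, and cross-checks them against Content-Length, Last-Modified and Date. On this scan's values the assumption holds (0x408c = 16524 bytes for the 16 KB primary document; 0x5312 = 21266 for bnp-alone.png, exactly its Content-Length; 0x5e6227ec = 2020-03-06 10:37:32 UTC). A modification time equal to the serving time across the whole kit directory is what you would see if the files under /cb/p/<token>/ were written at the moment of the visit, which is worth establishing before relying on these ETags or resource hashes as static indicators.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from typing import Dict, Optional

# Assumed layout of a LiteSpeed static-file ETag: "<size hex>-<mtime hex>-<file tag>[;flags]".
# The size and mtime fields check out against Content-Length and Last-Modified in this scan.
ETAG_RE = re.compile(
    r'^"?(?P<size>[0-9a-f]+)-(?P<mtime>[0-9a-f]+)-(?P<tag>[0-9a-f]+)(?P<suffix>;[^"]*)?"?$', re.I)


@dataclass
class EtagInfo:
    size: int            # uncompressed file size in bytes
    mtime: datetime      # file modification time (UTC)
    tag: str             # third field, left opaque
    suffix: str          # ";gz" on gzip-encoded responses in this scan, ";;;" otherwise


def parse_litespeed_etag(etag: str) -> Optional[EtagInfo]:
    """Decode the ETag; return None for ETags that do not follow the assumed layout."""
    m = ETAG_RE.match(etag.strip())
    if not m:
        return None
    return EtagInfo(
        size=int(m["size"], 16),
        mtime=datetime.fromtimestamp(int(m["mtime"], 16), tz=timezone.utc),
        tag=m["tag"],
        suffix=m["suffix"] or "",
    )


def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive header lookup."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), None)


def check_response(headers: Dict[str, str]) -> Dict[str, object]:
    """Cross-check the ETag fields against the other headers of one response.

    size_ok:             ETag size equals Content-Length (only meaningful when the body is
                         not content-encoded, since the ETag size is the raw file size)
    mtime_ok:            ETag mtime equals Last-Modified
    written_when_served: mtime is within one second of Date, i.e. the file was (re)written
                         at the moment it was served
    A check that cannot be made from the available headers stays None.
    """
    etag = _header(headers, "Etag")
    info = parse_litespeed_etag(etag) if etag else None
    result: Dict[str, object] = {"etag": info, "size_ok": None, "mtime_ok": None,
                                 "written_when_served": None}
    if info is None:
        return result
    length = _header(headers, "Content-Length")
    if length is not None and _header(headers, "Content-Encoding") is None:
        result["size_ok"] = info.size == int(length)
    last_modified = _header(headers, "Last-Modified")
    if last_modified:
        result["mtime_ok"] = info.mtime == parsedate_to_datetime(last_modified)
    date = _header(headers, "Date")
    if date:
        served = parsedate_to_datetime(date)
        result["written_when_served"] = abs((served - info.mtime).total_seconds()) <= 1
    return result


# Header sets copied from two responses in this scan (values as shown on the page).
PRIMARY_PAGE = {
    "Date": "Fri, 06 Mar 2020 10:37:32 GMT",
    "Last-Modified": "Fri, 06 Mar 2020 10:37:32 GMT",
    "Etag": '"408c-5e6227ec-c813ead58f3d1e73;gz"',
    "Content-Encoding": "gzip",
    "Transfer-Encoding": "chunked",
    "Server": "LiteSpeed",
}
BNP_LOGO = {
    "Date": "Fri, 06 Mar 2020 10:37:32 GMT",
    "Last-Modified": "Fri, 06 Mar 2020 10:37:32 GMT",
    "Etag": '"5312-5e6227ec-81816f7743f12f40;;;"',
    "Content-Length": "21266",
    "Content-Type": "image/png",
    "Server": "LiteSpeed",
}


def check_scan() -> Dict[str, Dict[str, object]]:
    return {"primary": check_response(PRIMARY_PAGE), "bnp-alone.png": check_response(BNP_LOGO)}


if __name__ == "__main__":
    for name, result in check_scan().items():
        info = result["etag"]
        print(f"{name}: size={info.size} mtime={info.mtime.isoformat()} "
              f"size_ok={result['size_ok']} mtime_ok={result['mtime_ok']} "
              f"written_when_served={result['written_when_served']}")
```

The size check is deliberately skipped on content-encoded responses: the primary document is gzip-encoded and chunked, so there is no Content-Length to compare, and on a gzip response with a Content-Length the value would be the compressed length, not the file size the ETag encodes.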
context.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
2 KB
1 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/context.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
05a96d3c82e726b193863c1a105080c6baa37d5c46ee634cdbaf2756dbefbc1b

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"6d2-5e6227ec-b7900b2665c8e7a3;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
mediaelementplayer.min.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
10 KB
3 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/mediaelementplayer.min.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1a2c0603e8ba42c388ce99053ec229e2afb93edfb04f9f953839754c4cafc56f

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"28ab-5e6227ec-8e947bb489a576d9;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
sitefactory.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
338 B
606 B
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/sitefactory.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5d77a2b7eaeb6e21059e45fb20e1556d7196a34d37458c69c660a392337df378

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"152-5e6227ec-1d4be7034db66104;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
base.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
209 KB
42 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dad6e9329fe15375945974ea923f85cb44d6ef7615225e38adbe344f7fcb28c4

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"34221-5e6227ec-5974fe43d315e3fb;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
base-blessed2.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
279 KB
53 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a61bfde1efc9877eabae1d452793bd754a9c9c2e0e5193514a5ec0374380d50f

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"45ab3-5e6227ec-eaca2bfac3828c3e;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
base-blessed1.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
271 KB
61 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed1.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3ac60ade5c6aae37d57cfc3ba1e09480bbc483253e275b00f3022f4da31408d

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"43a36-5e6227ec-9f58403575467d3c;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
fix.css
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
22 KB
7 KB
Stylesheet
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/fix.css
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b3756223d5d5410775e3f0daf42cfecf36e82441f039a01b15e187a6f016cb0b

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"5770-5e6227ec-6d194196214d72d9;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
jquery-1.11.0.min.js
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
285 KB
98 KB
Script
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/jquery-1.11.0.min.js
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d9d598cd1a5e0e93b2676575d2e965bc7ea19bb66dea851cad4e4f5c355e0370

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"47395-5e6227ec-38f5518b4668ab37;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
webtrends.min.js
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
24 KB
10 KB
Script
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/webtrends.min.js
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
22c25085a03fbeed8af4e41182c62cd0da50422dc50d0d3412db01c994313ad8

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"5e4c-5e6227ec-7c89772d87e2293d;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Fri, 13 Mar 2020 10:37:32 GMT
bnp-alone.png
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
21 KB
21 KB
Image
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/bnp-alone.png
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7765b30f55d23c1e9b5da76e6b4bb7129665b9fb7e0ff1f949f51d74a22f93be

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"5312-5e6227ec-81816f7743f12f40;;;"
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21266
Expires
Fri, 13 Mar 2020 10:37:32 GMT
bnpp_sans-webfont-webfont.woff2
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
(This and every other request under /rsc/contrib/css/fonts/ and /rsc/contrib/image/generique/ is triggered from base-blessed2.css, whose url() references keep the original site's absolute paths. The phishing host answers each with a small text/html body of roughly 500 bytes instead of the requested font or image, consistent with an error page for a path that does not exist on the kit's server. The fonts the page actually renders with are the copies under /cb/p/5c5a6260919d60019af487997f069f8a/ referenced from context.css.)
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.woff2
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
495
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_type_regular_v2-webfont.woff
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_type_regular_v2-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
504
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
icon-print.png
u635233936.ha003.t.justns.ru/rsc/contrib/image/generique/
678 B
678 B
Image
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/image/generique/icon-print.png
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2c90afd796b84d3f3de9dba6a017a6aa50efd87273ac71b102cb2c9a07b78414

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
491
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_sans_cond_light_v2-webfont.woff
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_sans_cond_light_v2-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
507
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
sprite-form.png
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
6 KB
6 KB
Image
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/sprite-form.png
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6935aeee017a8da33fa52da1dd852fef33fbd73bc1a07279da5f12a193ed2313

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"169e-5e6227ec-b565a9acb51ddffe;;;"
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5790
Expires
Fri, 13 Mar 2020 10:37:32 GMT
k-50634415037854521327874135539749512918.jpg
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
6 KB
6 KB
Image
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/k-50634415037854521327874135539749512918.jpg
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2c9fcbc478926bbf06f295e7fb557d06f78e808b51dd7e467934a52f6e28da5a

Request headers

Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"1890-5e6227ec-44b5cf2ecf0bffc2;;;"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6288
Expires
Fri, 13 Mar 2020 10:37:32 GMT
bnpp_type_bold_v2-webfont.woff
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_type_bold_v2-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
501
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
iconbnp.woff
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/iconbnp.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
485
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_type_regular_v2-webfont.ttf
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_type_regular_v2-webfont.ttf
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
503
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_sans-webfont-webfont.woff
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
494
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_sans_cond_light_v2-webfont.ttf
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_sans_cond_light_v2-webfont.ttf
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
506
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_type_bold_v2-webfont.ttf
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_type_bold_v2-webfont.ttf
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
499
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
iconbnp.ttf
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/iconbnp.ttf
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
484
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_sans-webfont-webfont.ttf
u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/
0
0
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.ttf
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/base-blessed2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
493
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bnpp_type_regular_v2-webfont.woff
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
32 KB
32 KB
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/bnpp_type_regular_v2-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8a5914aa91aff6db50981ac794d68b868dfecf6909305ab6c568466faa49d366

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/context.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"7fa8-5e6227ec-deb3b43a46ce9a81;;;"
Vary
User-Agent
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32680
bnpp_sans_cond_light_v2-webfont.woff
u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
22 KB
23 KB
Font
General
Full URL
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/bnpp_sans_cond_light_v2-webfont.woff
Requested by
Host: u635233936.ha003.t.justns.ru
URL: http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/
Protocol
HTTP/1.1
Server
2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5cfcd47c763f59b765edf88bf251164a95e5e1dbcb5ad4e031a6460a2409d73c

Request headers

Origin
http://u635233936.ha003.t.justns.ru
Referer
http://u635233936.ha003.t.justns.ru/cb/p/5c5a6260919d60019af487997f069f8a/context.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 06 Mar 2020 10:37:32 GMT
Last-Modified
Fri, 06 Mar 2020 10:37:32 GMT
Server
LiteSpeed
Etag
"5910-5e6227ec-124cd0297854613c;;;"
Vary
User-Agent
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
22800

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  object    onformdata
  object    onpointerrawupdate
  function  $
  function  jQuery
  function  tagguageNext
  function  dcsMultiTrack
  object    Webtrends
  object    WebTrends
  function  pass

onformdata and onpointerrawupdate are ordinary window event-handler properties that newer Chromium builds define and the scanner's baseline does not; they say nothing about the page. $ and jQuery come from jquery-1.11.0.min.js, and dcsMultiTrack, Webtrends and WebTrends from webtrends.min.js, both loaded from the kit directory and both part of what was copied from the real site. tagguageNext and pass cannot be attributed to either library from their names alone and are the globals worth reading in the page source.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header                   Value
Content-Security-Policy  default-src http: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options   nosniff
X-Frame-Options          sameorigin
X-Xss-Protection         1; mode=block

These four headers were sent by www.oxfordlawyers.com.au on the redirect hop, not by the primary request: the response from u635233936.ha003.t.justns.ru carries none of them. The CSP shown is also close to no policy at all. With no script-src, default-src governs scripts, and it allows inline scripts, eval and any http: or data: source; there is no frame-ancestors, form-action or base-uri, so framing is left to X-Frame-Options and a form on the page may POST anywhere.
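The policy above looks like a CSP but constrains almost nothing, and the phishing page itself ships none. The Python below is an added example, not urlscan's code, that parses a Content-Security-Policy value, applies the default-src fallback the way browsers do, and reports the weaknesses a reviewer would flag: inline and eval allowed for scripts, open scheme sources, no object-src 'none', and the three directives that have no fallback and are simply absent. It runs over the two header sets from this scan and over a hardened policy (an assumption, shown for contrast) that produces no findings.

```python
from typing import Dict, List, Optional

# Directives with no default-src fallback: when absent they are simply unrestricted.
NO_FALLBACK = ("frame-ancestors", "form-action", "base-uri")
# Source expressions that make a script-src effectively open.
OPEN_SOURCES = ("*", "http:", "https:", "data:")
HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def parse_csp(value: str) -> Dict[str, List[str]]:
    """Split a Content-Security-Policy header into {directive: [source expressions]}.
    A repeated directive keeps its first occurrence, as browsers do."""
    policy: Dict[str, List[str]] = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy


def effective_sources(policy: Dict[str, List[str]], directive: str) -> Optional[List[str]]:
    """Sources that govern `directive`, applying the default-src fallback where it exists."""
    if directive in policy:
        return policy[directive]
    if directive in NO_FALLBACK:
        return None
    return policy.get("default-src")


def audit_csp(value: str) -> List[str]:
    """Return short finding codes for the weaknesses in a CSP string."""
    policy = parse_csp(value)
    findings: List[str] = []
    script = effective_sources(policy, "script-src") or []
    # 'unsafe-inline' is ignored by CSP2+ browsers when a nonce or hash is present.
    if "'unsafe-inline'" in script and not any(s.startswith(HASH_OR_NONCE) for s in script):
        findings.append("script-unsafe-inline")
    if "'unsafe-eval'" in script:
        findings.append("script-unsafe-eval")
    findings += [f"script-scheme-{s}" for s in script if s in OPEN_SOURCES]
    objects = effective_sources(policy, "object-src")
    if objects is None or "'none'" not in objects:
        findings.append("object-src-open")
    findings += [f"missing-{d}" for d in NO_FALLBACK if d not in policy]
    return findings


def audit_headers(headers: Dict[str, str]) -> List[str]:
    """Audit one response's headers; a response without a CSP gets a single 'no-csp' finding."""
    csp = next((v for k, v in headers.items() if k.lower() == "content-security-policy"), None)
    return ["no-csp"] if csp is None else audit_csp(csp)


# Header sets from this scan (values as shown on the page).
OXFORD_HOP = {
    "Server": "Apache",
    "Content-Security-Policy": "default-src http: data: 'unsafe-inline' 'unsafe-eval'",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "sameorigin",
    "X-Xss-Protection": "1; mode=block",
}
PRIMARY_PAGE = {"Server": "LiteSpeed", "Content-Type": "text/html", "Content-Encoding": "gzip"}
# A policy a login page could ship instead (assumed, for contrast).
HARDENED = ("default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'; "
            "frame-ancestors 'none'; form-action 'self'")


def audit_scan() -> Dict[str, List[str]]:
    return {"www.oxfordlawyers.com.au": audit_headers(OXFORD_HOP),
            "u635233936.ha003.t.justns.ru": audit_headers(PRIMARY_PAGE),
            "hardened-example": audit_csp(HARDENED)}


if __name__ == "__main__":
    for host, findings in audit_scan().items():
        print(f"{host}: {', '.join(findings) or 'no findings'}")
```

The finding codes are deliberately coarse: the point of running this over a scan is to separate "has a CSP header" from "has a CSP that would have stopped anything", and to do it per hop, since the header set urlscan summarises at the top of a report is not always the one the final page sent.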