Submitted URL: https://taxlevelservice.info/
Effective URL: https://ozon.ru/?__rr=1
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 185.73.193.68, located in Russian Federation and belongs to OZON-AS, RU. The main domain is ozon.ru. The Cisco Umbrella rank of the primary domain is 25357.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 21st 2023. Valid for: a year.
This is the only time ozon.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38.180.191.227 9009 (M247)
1 2602:816:5001... 54113 (FASTLY)
1 4 185.73.193.68 44386 (OZON-AS)
2 185.73.195.116 44386 (OZON-AS)
2 185.73.193.120 44386 (OZON-AS)
11 6
Apex Domain
Subdomains
Transfer
4 ozone.ru
cdn1.ozone.ru — Cisco Umbrella Rank: 68964
cdn2.ozone.ru — Cisco Umbrella Rank: 209204
51 KB
4 ozon.ru
ozon.ru — Cisco Umbrella Rank: 25357
21 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 749
32 KB
1 taxlevelservice.info
taxlevelservice.info
25 KB
0 nr-data.net Failed
bam.nr-data.net Failed
11 5
Domain Requested by
4 ozon.ru 1 redirects taxlevelservice.info
cdn2.ozone.ru
2 cdn2.ozone.ru ozon.ru
2 cdn1.ozone.ru ozon.ru
1 js-agent.newrelic.com taxlevelservice.info
1 taxlevelservice.info
0 bam.nr-data.net Failed taxlevelservice.info
11 6

This site contains links to these domains.

Domain
www.ozon.ru
Subject                 Issuer                                  Validity                  Valid
taxlevelservice.info    E5                                      2024-09-24 - 2024-12-23   3 months
js-agent.newrelic.com   GlobalSign Atlas R3 DV TLS CA 2024 Q1   2024-03-21 - 2025-04-22   a year
*.ozon.ru               GlobalSign RSA OV SSL CA 2018           2023-09-21 - 2024-10-22   a year

This page contains 1 frames:

Primary Page: https://ozon.ru/?__rr=1
Frame ID: 5149F0FAD6165270891EEFE8BAA11AFB
Requests: 11 HTTP requests in this frame

Page Title

Доступ ограничен

Page Statistics

11
Requests

82 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

128 kB
Transfer

308 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://taxlevelservice.info/ Page URL
  2. https://ozon.ru/ HTTP 307
    https://ozon.ru/?__rr=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
taxlevelservice.info/
64 KB
25 KB
Document
General
Full URL
https://taxlevelservice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.180.191.227 Meppel, Netherlands, ASN9009 (M247, RO),
Reverse DNS
Software
Caddy nginx/1.18.0 (Ubuntu) /
Resource Hash
b7c0ecd87b1fa4e023f72aa1ca9767668eec7ba51f7bed606e8e8ab1829db1de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 28 Sep 2024 06:18:38 GMT
server
Caddy nginx/1.18.0 (Ubuntu)
nr-spa-1.265.1.min.js
js-agent.newrelic.com/
109 KB
32 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.265.1.min.js
Requested by
Host: taxlevelservice.info
URL: https://taxlevelservice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://taxlevelservice.info
Referer

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"5b9d8baa112d5d1fe1575bc547a2d11c"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
32119
date
Sat, 28 Sep 2024 06:18:39 GMT
last-modified
Fri, 06 Sep 2024 15:19:57 GMT
content-type
application/javascript
x-served-by
cache-mrs10523-MRS
x-cache-hits
47
vary
Accept-Encoding
Primary Request /
ozon.ru/
Redirect Chain
  • https://ozon.ru/
  • https://ozon.ru/?__rr=1
17 KB
10 KB
Document
General
Full URL
https://ozon.ru/?__rr=1
Requested by
Host: taxlevelservice.info
URL: https://taxlevelservice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.73.193.68 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1af6d368c7e868b1a6799fff70ed06c144b8e943f8dfd7984dec05757a495f6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 28 Sep 2024 06:18:39 GMT
ozon-antibot
1
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-length
164
content-type
text/html
date
Sat, 28 Sep 2024 06:18:39 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://ozon.ru/?__rr=1
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
favicon.ico
taxlevelservice.info/
0
0

NRJS-70d296500a1ce2f6999
bam.nr-data.net/1/
0
0

common.css
cdn1.ozone.ru/s3/abt-complaints/static/v1/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn1.ozone.ru/s3/abt-complaints/static/v1/common.css
Requested by
Host: ozon.ru
URL: https://ozon.ru/?__rr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.73.195.116 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6fac18307b67fff6df22549d1e46308e349af41b402e38677b551c10766cbb93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ozon.ru/

Response headers

content-encoding
gzip
etag
W/"9d7552ac7ff4e4447d0466d0e6162da7"
x-amz-version-id
48235178-edbe-4d78-a653-384b082041b3
x-content-type-options
nosniff
x-amz-storage-class
STANDARD
expires
Tue, 13 May 2025 11:30:03 GMT
x-cached-nx
HIT 0.000
server-timing
o3_img_fetch;dur=0, o3_img_origin_cache;desc=HIT, o3_img_cache;desc=HIT
alt-svc
h3=":443"; ma=86400
x-o3-trace-id
00d1b9b979c60805, 00d1b9b979c60805
date
Sat, 28 Sep 2024 06:18:39 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 27 Feb 2023 11:15:17 GMT
x-amz-tagging-count
0
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
018f3e87-793f-7bd6-8cfe-738b062853ab
accept-ranges
bytes, bytes
access-control-allow-origin
*
server
nginx
style_v13.css
cdn2.ozone.ru/s3/abt-challenge/
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.ozone.ru/s3/abt-challenge/style_v13.css
Requested by
Host: ozon.ru
URL: https://ozon.ru/?__rr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.73.193.120 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
025a2e1f578fd063410ab421b651a60f9321c1f0935d7ba25144de9599dec742

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ozon.ru/

Response headers

content-encoding
br
etag
W/"ad0ab7a7c3a8bcec66a5a366a121b878-1"
x-amz-version-id
01921e7d-e4ba-71d5-a858-6ddc0adc0508
x-amz-storage-class
STANDARD
expires
Sat, 05 Oct 2024 06:18:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=3600,h3-27=":443"; ma=2592000; v="46,43"
x-o3-trace-id
642755768164f904, 642755768164f904
date
Sat, 28 Sep 2024 06:18:39 GMT
content-type
text/css; charset=utf-8
content-disposition
filename="style_v13.css"; filename*=utf-8''style_v13.css
last-modified
Mon, 23 Sep 2024 10:47:00 GMT
x-amz-tagging-count
0
cache-control
max-age=604800
timing-allow-origin
*
x-amz-request-id
0192371c-b062-7bc4-ad9c-69146c5304f1
accept-ranges
bytes
access-control-allow-origin
*
server
nginx
script_v13.js
cdn2.ozone.ru/s3/abt-challenge/
84 KB
35 KB
Script
General
Full URL
https://cdn2.ozone.ru/s3/abt-challenge/script_v13.js
Requested by
Host: ozon.ru
URL: https://ozon.ru/?__rr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.73.193.120 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d187d64a12dba039d0d704119047b22009c66852e6d6f26eb6901305ef5ebd3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ozon.ru/

Response headers

content-encoding
br
etag
W/"321703691ca0caae65083af2066b4bdc-1"
x-amz-version-id
01921e7d-e52f-746b-81db-a523409fbe78
x-amz-storage-class
STANDARD
expires
Sat, 05 Oct 2024 06:18:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=3600,h3-27=":443"; ma=2592000; v="46,43"
x-o3-trace-id
390848367409e804, 390848367409e804
date
Sat, 28 Sep 2024 06:18:39 GMT
content-type
text/javascript; charset=utf-8
content-disposition
filename="script_v13.js"; filename*=utf-8''script_v13.js
last-modified
Mon, 23 Sep 2024 10:47:00 GMT
x-amz-tagging-count
0
cache-control
max-age=604800
timing-allow-origin
*
x-amz-request-id
0192371c-b062-72dd-9d75-1805e5c6a6fa
accept-ranges
bytes
access-control-allow-origin
*
server
nginx
favicon.ico
ozon.ru/
17 KB
10 KB
Other
General
Full URL
https://ozon.ru/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.73.193.68 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
dd6ba4f0164c9371dc58d992d27a2674c9bb2d4bc3e2bce23efe95e9c9879c56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ozon.ru/?__rr=1

Response headers

content-encoding
gzip
date
Sat, 28 Sep 2024 06:18:39 GMT
ozon-antibot
1
content-type
text/html
server
nginx
result
ozon.ru/abt/
2 B
474 B
Fetch
General
Full URL
https://ozon.ru/abt/result
Requested by
Host: cdn2.ozone.ru
URL: https://cdn2.ozone.ru/s3/abt-challenge/script_v13.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.73.193.68 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://ozon.ru/?__rr=1

Response headers

x-o3-bot-score
10
content-length
2
date
Sat, 28 Sep 2024 06:18:40 GMT
content-type
application/json;charset=UTF-8
server
nginx
warn.png
cdn1.ozone.ru/s3/abt-complaints/static/v1/img/
12 KB
13 KB
Image
General
Full URL
https://cdn1.ozone.ru/s3/abt-complaints/static/v1/img/warn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.73.195.116 , Russian Federation, ASN44386 (OZON-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c814eb8108927aa24ccf4d7ef56a215e7b57a8d00f5f4624ac86233668ef4707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ozon.ru/

Response headers

etag
"76812122fba2b4a8b09bf2255a003702"
x-amz-version-id
77f7f2e2-c272-4fb0-8c1a-a7cc7934ac42
x-content-type-options
nosniff
x-amz-storage-class
STANDARD
expires
Fri, 04 Apr 2025 14:27:21 GMT
x-cached-nx
HIT 0.000
server-timing
o3_img_fetch;dur=0, o3_img_origin_cache;desc=HIT, o3_img_cache;desc=HIT
alt-svc
h3=":443"; ma=86400
x-o3-trace-id
04dbdd51790cc804, 04dbdd51790cc804
date
Sat, 28 Sep 2024 06:18:40 GMT
content-type
image/png
last-modified
Mon, 27 Feb 2023 11:15:18 GMT
x-amz-tagging-count
0
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-request-id
018e942a-e455-7d1c-bed7-91346e8b3855
accept-ranges
bytes, bytes, bytes
access-control-allow-origin
*
content-length
12512
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
taxlevelservice.info
URL
https://taxlevelservice.info/favicon.ico
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/NRJS-70d296500a1ce2f6999?a=1527573371&v=1.265.1&to=YgFTNhADC0BUARZYX1tLcAEWCwpdGiMSQWx9EEUSPiEKXUEQDV1cUBZCPjAHAVpHBwFFc1oKRRANDglWRyIQVFRcFlQBFg%3D%3D&rst=1451&ck=0&s=a703a8c0a08f0d06&ref=https://taxlevelservice.info/&ptid=ad1bf4c2f04e8d4f&af=err,spa,xhr,stn,ins&ap=37&be=853&fe=450&dc=444&at=TkZQQFgZGE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1727504317872,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:25,%22c%22:25,%22s%22:200,%22ce%22:385,%22rq%22:385,%22rp%22:853,%22rpe%22:1281,%22di%22:1297,%22ds%22:1297,%22de%22:1297,%22dc%22:1300,%22l%22:1300,%22le%22:1303%7D,%22navigation%22:%7B%7D%7D

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x29a689 function| ownKeys function| _objectSpread2 function| _0x3428 function| _regeneratorRuntime function| _toPrimitive function| _toPropertyKey function| _typeof function| asyncGeneratorStep function| _asyncToGenerator function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _setPrototypeOf function| _isNativeReflectConstruct function| _construct function| _toConsumableArray function| _arrayWithoutHoles function| _iterableToArray function| _unsupportedIterableToArray function| _arrayLikeToArray function| _nonIterableSpread function| _createForOfIteratorHelper function| initVM function| getType function| checkInstance function| checkIn function| not function| getCaller function| tryCatch function| isCallWithoutErrors function| getNew function| getNull function| getPloc function| fnCall1 function| getTop function| getWebGLCtx function| getWebGLExtraInfo function| canvasToDataUrl function| getQueryParams function| timeoutThrow function| object object| helpers function| b object| commonjsGlobal function| getDefaultExportFromCjs function| getAugmentedNamespace function| commonjsRequire object| core object| __viteBrowserExternal object| __viteBrowserExternal$1 object| require$0 object| _0x2d36d9 object| coreExports object| c$1 object| aes object| encBase64 number| hasRequiredEncBase64 function| requireEncBase64 object| md5 number| hasRequiredMd5 function| requireMd5 object| evpkdf object| sha1 number| hasRequiredSha1 function| requireSha1 object| hmac number| hasRequiredHmac number| hasRequiredEvpkdf function| requireHmac function| requireEvpkdf object| cipherCore number| hasRequiredCipherCore object| _0x4978d6 function| requireCipherCore object| encHex function| _0x808995 object| c function| RefCounter function| getValueType function| isPrimitive function| _isNativeFunction function| isNativeFunction function| arrayLikeToArray function| toArray function| serializeValue function| s function| 
getHelpers function| runChallenge function| _runChallenge function| _0x167826 function| convertRemToPixels function| postMessageWithContentHeight function| renderIncidentInfo string| ABT_ATT_PARAM string| ORIGIN_REFERER_PARAM string| MODE_PARAM string| MOBILE_MODE string| ABT_CHALLENGE_FAIL function| sendCandidate function| _0x11e6 function| _sendCandidate function| _0x100d function| asString function| getOriginRefererFromToken function| getSearchWithAbtAtt function| setRunStatus function| _0x35ac function| main function| _main

3 Cookies

Domain/Path Name / Value
.ozon.ru/ Name: __Secure-ETC
Value: ce9dee795f9ba1373a1c92d8a7f7bb1a
.ozone.ru/ Name: abt_data
Value: 7.IZW-M13f0fSRExPm9M1VijCdPFz-XnnGexafG-UKr43ye9NUt03Tx5LZny4EiXhN3iBkxXEKfCIPYUVI8vWtalXjZsQy4fu_otjCeMvXUNYnYR8-rwu74wYYSf9JkZSCRKPoS7Jl7VMMWZ9uR6MQaYDNA4U4yNBhd8Qzjikda6Lovc8wEpBmkQoh2aIU8i69im2aBSOQTzcnccrA3U9yjbPUjSbT9sBoKO0-gk68UF8g-N9pyeDVWKuzGZu9jC1lV-BVpnEzTW_BTcHcdCAQq8M9XRJAcQ
.ozon.ru/ Name: abt_data
Value: 7.2OcK8J1kdfWWP_O81rzu6Q7FogWPL5RBlhhXndQ7GwTf4-tZxApsaflMnRQgxJ_g52VfyA0I5VI6PFSGvbz-QiiBt56HS9FZFAvltg4UqQTd8brR-W-5MmGdaPK0M1fMZclhGvjvb3aVa4-vhDgpmdl9p5E88p6rO9aPWsxL4JwsmRJDplxMi8Xy4ukgrjw6_IJAabkA4CiOBcmGIi8-8DRxyIPGLuke1ZLWo6Ofw_gEmVVrSXSV7bwb-DNJyZG2CuLFsfGgmkuadLkMdfORzCO0uNTLeTeXo_dOX90Xg7TNNiqSpZ5h2z2oEJOJ_BhsP0g8VOlzqYiOEqoGj53PHZcDr2THoXwXZ20

4 Console Messages

Source Level URL
Text
network error URL: https://taxlevelservice.info/favicon.ico
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://ozon.ru/?__rr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ozon.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ozon.ru/abt/result
Message:
Failed to load resource: the server responded with a status of 403 ()