profiks-company.ru Open in urlscan Pro
87.236.16.215 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://profiks-company.ru/outlook/Ovice/
Submission: On October 26 via api (October 26th 2023, 3:14:21 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 87.236.16.215, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is profiks-company.ru.
TLS certificate: Issued by R3 on September 19th 2023. Valid for: 3 months.

This is the only time profiks-company.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
29	87.236.16.215 87.236.16.215	198610 (BEGET-AS) (BEGET-AS)
3	2600:1408:c40... 2600:1408:c400:191::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	85.12.253.26 85.12.253.26	28890 (INSYS-AS ...) (INSYS-AS INSYS ISP)
1	93.186.225.194 93.186.225.194	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
41	8

29 87.236.16.215 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.jesse.beget.com

profiks-company.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:c400:191::35c1 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.12.253.26 (Yekaterinburg, Russian Federation)

ASN28890 (INSYS-AS INSYS ISP, RU)

voiphtproxy.profintel.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	profiks-company.ru profiks-company.ru	318 KB
3	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 6180	2 KB
3	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 24166	282 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	62 KB
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 2472	55 KB
1	vk.com vk.com — Cisco Umbrella Rank: 4111	577 B
1	profintel.ru voiphtproxy.profintel.ru
1	yandex.st yandex.st — Cisco Umbrella Rank: 81629	891 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	914 B
41	9

	Domain	Requested by
29	profiks-company.ru	profiks-company.ru
3	mc.yandex.com	1 redirects profiks-company.ru
3	secure.aadcdn.microsoftonline-p.com	profiks-company.ru
2	code.jquery.com	profiks-company.ru
1	mc.yandex.ru	profiks-company.ru
1	vk.com	profiks-company.ru
1	voiphtproxy.profintel.ru	profiks-company.ru
1	yandex.st	profiks-company.ru
1	fonts.googleapis.com	profiks-company.ru
41	9

This site contains links to these domains. Also see Links.

Domain
login.microsoftonline.com
login.live.com

Subject Issuer	Validity	Valid
profiks-company.ru R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft Azure ECC TLS Issuing CA 04	`2023-09-14` - `2024-09-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-07-10` - `2024-01-07`	6 months	crt.sh
*.profintel.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-02-28` - `2024-03-31`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://profiks-company.ru/outlook/Ovice/
Frame ID: 565E49568BDB0A362604C49A3A4C2B38
Requests: 5 HTTP requests in this frame

Frame: https://profiks-company.ru/outlook/Ovice/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: F510E731E5BF9E035924911A1BE84E0E
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

720 kB
Transfer

1473 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://login.microsoftonline.com/common/reprocess?ctx=rQIIAXWRO2_TUACFc_MwLSCoWGDswARy4nfiiA4hcZ2E2A6O3dZeItfx48bP2DeE5BewIHVg6oiEkCompgqE2DtVgglWBlQJCXVAjKQ_gOVMR5-OzvegRFbJ5n2GZlirfsjjvMXROMOTBG4xFIfTLM3RFEFOWILO7lzfQu--Tj7_edR9-ePG4OLyy6cTcNdHKM2btdpisagmrgttp2onUe0UgHMAfgJwXKw4Ma6PToo5R3N1muGoxppG8STL81VJU31F1BlppSNpakIZEoRMSauB5jHS9CmSRJ2StUlk7JuhFOmMMTVYRbMXSkdHZsePlDZBmOIuHOzvhvKaoYh7vjQNlsZKWMmRTn4r3lZac-RTV5FkcOVcFjfdJIvGaZKj49JboKRO3Ju0kzh2bFS9qjkxgraFYBIPsyR1MgSdfKc1U-XelOxanDmSGS8Yj4LnASFEROIqoc8m6p5gisFyZgxmPWt2yPYzlTOIpZaKMJuyFg_DgfvE16h2iFBg0l6wtDNZ2A_GJs6SndZAsqgof0an-MFjXqWEnt1osKY59zx3tpwPrfB9CVvfGiXxWenWelQMJ9tplrgwdM7L4KJ8kyg1NzawLXCvsF34WwavK2tbvwz3o2RG4hv--6j06rRwVqk9hKHHBhRNacOJwB9IklKPPFX1uSHZ7_aZrsApi5xvEMOY2WGa5BEGjjDsNwZeXCt82Pyf6381
Title: Can’t access your account?

Search URL Search Domain Scan URL

URL: https://login.live.com/oauth20_authorize.srf?response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&scope=openid+profile+email+offline_access&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2&state=rQIIAXWSvW_TUBTF4yQNbUFQISQYOzCBnDw_fySO6FBa10mJ7eDYbe0lch1_vPgzzmtD8hewIHVgyoiEkCompgqE2DtVgqmsDKgSEuqAGHHZu9zlnvPT1Tn3UYmqUs2HDM2wVn2fJ3mLo0mGpwBpMZAjaZbmaAioAQvo7O7yCn7_bfDlz5PWqx83OxeXXz_PiaV-iA6dqp1Ex8R9H-N03KzVJpNJNXFdZP9f1E4I4owgfhLEvLjgxKTeOy6OOZqr0wwHGzkZ8hTL81VJU31F1BlppmNpaCIZASBDadbRPEYaPseSqENZG0TGrhlKkc4YQ4NVNHuibOrY3PQjZQMAU9xCnd2tUM4ZirjjS8NgasyEmRzp1HnxjrJ-gH14NZIMzZzL4pKbZFE_TcZ4XnpHKKkTtwcbSRw7Nq5eyZwYI9vCKIm7WZI6GUbOeG19pMrtIdWyOLMnM17Q7wUvAiBEIHGV0GcTdUcwxWA6MjqjtjXaZ7czlTPAVEtFlA1Zi0dhx33ma3AjxDgwaS-Y2pks7AZ9k2SpzfWOZMFofEin5N5TXoVC2240WNM88Dx3ND3oWuGHUiWPNUri09Lt_KgYDVbTLHFR6JyViYvyLVBqLi5WVogHhdXC3zLxZiFv7pfhfpLMSHzLf--VXp8UThdqj1HosQGkodYdCPyeJCn1yFNVn-tS261tpiVwymTMN0A3ZtaYJnVUIY4qld-V4ssbhY9L13V9vnwv_5cGCXgSsquAb1K5tW7-Aw2&estsfed=1&uaid=64d4ac74f6bf483c8de40b4ceaf2d3bd&signup=1&lw=1&fl=easi2&fci=4345a7b9-9a63-4910-a426-35363201d503&mkt=en-US
Title: Create one!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/watch/36860155?wmode=7&page-url=https%3A%2F%2Fprofiks-company.ru%2Foutlook%2FOvice%2FSign%2520in%2520to%2520your%2520account_files%2Fprefetch(1).html&page-ref=https%3A%2F%2Fprofiks-company.ru%2Foutlook%2FOvice%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A410883481152%3Ahid%3A484975412%3Az%3A-600%3Ai%3A20231026051417%3Aet%3A1698333257%3Ac%3A1%3Arn%3A618344037%3Arqn%3A1%3Au%3A1698333257800456160%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C442%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1698333255115%3Arqnl%3A1%3Ast%3A1698333257%3At%3ANothing%20found%20for%20Outlook%20Ovice%20Sign%2520In%2520To%2520Your%2520Account_Files%20Prefetch(1)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/36860155/1?wmode=7&page-url=https%3A%2F%2Fprofiks-company.ru%2Foutlook%2FOvice%2FSign%2520in%2520to%2520your%2520account_files%2Fprefetch%281%29.html&page-ref=https%3A%2F%2Fprofiks-company.ru%2Foutlook%2FOvice%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86jx5xzg2bypmh9uy7rmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A410883481152%3Ahid%3A484975412%3Az%3A-600%3Ai%3A20231026051417%3Aet%3A1698333257%3Ac%3A1%3Arn%3A618344037%3Arqn%3A1%3Au%3A1698333257800456160%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C442%2C1%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1698333255115%3Arqnl%3A1%3Ast%3A1698333257%3At%3ANothing%20found%20for%20Outlook%20Ovice%20Sign%2520In%2520To%2520Your%2520Account_Files%20Prefetch%281%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
profiks-company.ru/outlook/Ovice/ 191 KB
27 KB 4257ms
3365ms Document
text/html 87.236.16.215
BEGET-AS

General

Domain/Path	Expires	Name / Value
profiks-company.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 72cf90d257bb7dc594a47f647591ee61
.vk.com/	1970-01-21 00:23:25	Name: remixlang Value: 3
.vk.com/	1970-01-21 00:31:09	Name: remixstlid Value: 9097104654367168718_TLgHZiGZDZnmFOTym6Ui03ATJ2wvigNF5hH3hSkAJbz
.yandex.ru/	1970-01-21 01:21:33	Name: i Value: DfyL/DpC4DdvF76mH3/6JrNcW22fz1Nxlr8uLmr/NNJUxtg2wz1DduJe3J6+ztjkUfcKzpdIhRgGf9zVCRDlxYIXuqc=
.yandex.ru/	1970-01-21 01:21:33	Name: yandexuid Value: 6858222811698333256
.profiks-company.ru/	1970-01-21 00:31:09	Name: _ym_uid Value: 1698333257800456160
.profiks-company.ru/	1970-01-21 00:31:09	Name: _ym_d Value: 1698333257
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2470236941698333257
.yandex.com/	1970-01-21 01:21:33	Name: i Value: kTPkBMeAUppaIGOvytYus25zGYO+9eaPCfu1wE3KLsMlBzVzJSp8AgdTX6gALAsmKaXEw+/eMbYDhnKaRqvSEOSAz1E=
.yandex.com/	1970-01-21 01:21:33	Name: yandexuid Value: 4708162721698333257
.yandex.com/	1970-01-21 00:31:09	Name: yuidss Value: 4708162721698333257
.yandex.com/	1970-01-21 00:31:09	Name: ymex Value: 1729869257.yrts.1698333257#1729869257.yrtsi.1698333257
.yandex.com/	1970-01-21 00:31:09	Name: bh Value: KgI/MA==
.profiks-company.ru/	1970-01-20 15:45:35	Name: _ym_visorc Value: w
voiphtproxy.profintel.ru/	1969-12-31 23:59:59	Name: _csrf Value: bfI8NDiOJS1ISswI7dob83Z_
.profiks-company.ru/	1970-01-20 15:46:45	Name: _ym_isad Value: 2

Source	Level	URL Text
network	error	URL: https://profiks-company.ru/outlook/Ovice/Sign%20in%20to%20your%20account_files/prefetch(1).html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://voiphtproxy.profintel.ru/nodejs-api/public/widget?id=0497191266de8288a6100202255707fc Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://profiks-company.ru/wp-content/wp-content/themes/twentysixteen/images/actions.jpg Message: Failed to load resource: the server responded with a status of 404 ()

profiks-company.ru Open in urlscan Pro 87.236.16.215 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

63 %IPv6

9 Domains

9 Subdomains

8 IPs

2 Countries

720 kBTransfer

1473 kBSize

16 Cookies

2 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

profiks-company.ru Open in urlscan Pro
87.236.16.215 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

720 kB
Transfer

1473 kB
Size

16
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!