finalomar.xyz
Open in
urlscan Pro
47.245.34.63
Malicious Activity!
Public Scan
Submission: On February 01 via automatic, source openphish
Summary
This is the only time finalomar.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 47.245.34.63 47.245.34.63 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
1 | 217.69.139.59 217.69.139.59 | 47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru) | |
9 | 3 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
finalomar.xyz |
ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: portal.mail.ru
portal.mail.ru |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
finalomar.xyz
finalomar.xyz |
900 KB |
1 |
mail.ru
portal.mail.ru |
|
9 | 2 |
Domain | Requested by | |
---|---|---|
8 | finalomar.xyz |
finalomar.xyz
|
1 | portal.mail.ru |
finalomar.xyz
|
9 | 2 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.mail.ru GeoTrust RSA CA 2018 |
2017-12-15 - 2020-12-14 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://finalomar.xyz/mail/mail.ru/
Frame ID: 11BC2EDEDB0BEA3A57C34A1AB166351E
Requests: 10 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Забыли пароль?
Search URL Search Domain Scan URL
Title: Регистрация в Почте
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
finalomar.xyz/mail/mail.ru/ |
27 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.min.css
finalomar.xyz/mail/mail.ru/sign_in_files/ |
224 KB 224 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authGate.js.download
finalomar.xyz/mail/mail.ru/sign_in_files/ |
24 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js.download
finalomar.xyz/mail/mail.ru/sign_in_files/ |
401 KB 402 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
external.min.js.download
finalomar.xyz/mail/mail.ru/sign_in_files/ |
219 KB 219 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo2x.png
finalomar.xyz/mail/mail.ru/sign_in_files/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d22345996.gif
finalomar.xyz/mail/mail.ru/sign_in_files/ |
43 B 283 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
counter
finalomar.xyz/mail/mail.ru/sign_in_files/ |
43 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
27 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Domains
portal.mail.ru/ |
0 0 |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| requirejs function| require function| define object| __window function| $ function| jQuery function| i18n function| key function| Pilot object| fest function| lego function| setTimeoutLog function| setIntervalLog object| logger object| octolog object| jQuery18305603562684503431 undefined| jQuery18305603562684503431_15805161693590 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
finalomar.xyz
portal.mail.ru
217.69.139.59
47.245.34.63
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2ee8fd939d37fab0f66abcdb76aedca32bb5c9a2a7df87108057570f65c6bc3d
62c552801951513becbb3711fd25b974fcd3f5c4fdde4d41f8da36bd5dc3fd13
8284bd160e1c439d7ca4c7eb8408f468a1b0be6523f04b5ea3ebd4e19b7b3a73
ad19554f24f52c8069ac20c3016506a3c856f4071490597f936aae975d62e277
bc265b5c52350d03cce1f1f93245c9d869f0b7606eaa928fcf679e1d551ccd52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e19300ef2584b5d6943f00c1b88783cae77002ed05a1ba3fe054c62cc47e361b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd109c9dc20771ccc839cc319992b911f5e96c1add52a22c9f8b803c8b11273