remboursem.temp.swtest.ru
77.222.40.7
Public Scan
Effective URL: http://remboursem.temp.swtest.ru/cfspart.impots.gouv.fr-portail-remboursementrapide/LoginAccess=true_FranceConnect/aHR0cHM6Ly9jZn...
Submission: On July 21 via manual from FR
Summary
This is the only time remboursem.temp.swtest.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 167.89.123.124 | 11377 (SENDGRID) |
1 1 | 91.134.146.191 | 16276 (OVH) |
1 1 | 2606:4700:3034::ac43:9685 | 13335 (CLOUDFLARENET) |
1 | 205.144.171.226 | 7296 (ALCHEMYNET) |
1 | 77.222.40.7 | 44112 (SWEB-AS) |
2 | 3 | |
ASN11377 (SENDGRID, US)
PTR: o16789123x124.outbound-mail.sendgrid.net
url7099.autodesk.com
ASN7296 (ALCHEMYNET, US)
PTR: 205-144-171-226.alchemy.net
khad180521-001-site1.itempurl.com
ASN44112 (SWEB-AS, RU)
PTR: vh290.sweb.ru
remboursem.temp.swtest.ru
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
1 | swtest.ru | remboursem.temp.swtest.ru | 310 KB |
1 | itempurl.com | khad180521-001-site1.itempurl.com | 696 B |
1 | itsssl.com (1 redirects) | itsssl.com | 802 B |
1 | elasticemail.com (1 redirects) | 11e8o.trk.elasticemail.com | 390 B |
1 | autodesk.com (1 redirects) | url7099.autodesk.com | 451 B |
2 | 5 | | |
Domain | Requested by | |
---|---|---|
1 | remboursem.temp.swtest.ru | |
1 | khad180521-001-site1.itempurl.com | |
1 | itsssl.com | 1 redirects |
1 | 11e8o.trk.elasticemail.com | 1 redirects |
1 | url7099.autodesk.com | 1 redirects |
2 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
sweb.ru |
help.sweb.ru |
mcp.sweb.ru |
This page contains 1 frames:
Primary Page:
http://remboursem.temp.swtest.ru/cfspart.impots.gouv.fr-portail-remboursementrapide/LoginAccess=true_FranceConnect/aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyLw==/gouv-fr/gouv-fr
Frame ID: 00BA5291B997909CCB79883F754CBFD8
Requests: 7 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Поддержка (Support)
Title: правила (rules)
Title: панели управления (control panel)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://url7099.autodesk.com/ls/click?upn=dsN1SENn44qNpQt-2BARvKRLBhX8rJ2nbHo5JQ8dL8buB50kHD1kpAorYmfEqQtvmQabWuXeY-2FzSZ54ZkO3orTqO46BY-2B0Cw6wRofmX3u864tusKrYFNPNM6mubKgLxrgY12EMfxe3P4D7JHBNOVzrPXsC0LbHnT0156rDTr9MtdBO2E1uDxGDsYXY8XDePjByTR-2FhnMo7X4vpVI5FzUYUSkKmbBthag-2B2Qi5Xykl4AVzil2JCh-2FAPLWhCLbiR-2FNrIltty9VBjtEIoPm8oa5wGp5pLHP-2FGzbNUh5Eh5lMeD-2FE7cKm1LydDeogSiOjz9a9NySytyf6P3hz5gyNyosgr2PTHrOVHqp5OL2TOuHteXP0-3D4SUf_ijyvz-2FeT9gx-2F0tD1bhXgyU0kITCwf-2Fq11N-2BPGkChnel-2BOattCK625kZyUJwsISrSzhVVASoRSeBrcmpFXqiqoyNRQ53Sy4xYX1hxz6kEYC7ME-2FY4FzfD1ZUduFxMzL5T2iCCmJu6F-2B5EZulowfypWRbfRx82IxmE-2FH6VfsBRlQMm8ycIodzj7qxyFBUlsF-2B9De7zozN3tdyGTKMuDlddbA-3D-3D
HTTP 302
https://11e8o.trk.elasticemail.com/tracking/click?d=buUc2qPSrewQafNjfiJ-Tl9gdFeOLxl3DL2SwbKRg5dmnVF4D_oLrY2gix-yjWbN2j1ShaALSgX_FaND2R97yLHCDeohyYQZ98mpAxHy3uR6MejUaCjKuhEUuFPzjeBAB7J9VoGR7ujfOqtT_pMlxSwLNSEdzu8QBPcmaGFCeQuF_MTKeGYS13u0mjyextrCSg2 HTTP 302
https://itsssl.com/impots-gouv-fr-votre-remboursement2021 HTTP 301
http://khad180521-001-site1.itempurl.com/redlin-imp-fr2105/ Page URL
- http://remboursem.temp.swtest.ru/cfspart.impots.gouv.fr-portail-remboursementrapide/LoginAccess=true_FranceConnect/aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyLw==/gouv-fr/gouv-fr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://url7099.autodesk.com/ls/click?upn=dsN1SENn44qNpQt-2BARvKRLBhX8rJ2nbHo5JQ8dL8buB50kHD1kpAorYmfEqQtvmQabWuXeY-2FzSZ54ZkO3orTqO46BY-2B0Cw6wRofmX3u864tusKrYFNPNM6mubKgLxrgY12EMfxe3P4D7JHBNOVzrPXsC0LbHnT0156rDTr9MtdBO2E1uDxGDsYXY8XDePjByTR-2FhnMo7X4vpVI5FzUYUSkKmbBthag-2B2Qi5Xykl4AVzil2JCh-2FAPLWhCLbiR-2FNrIltty9VBjtEIoPm8oa5wGp5pLHP-2FGzbNUh5Eh5lMeD-2FE7cKm1LydDeogSiOjz9a9NySytyf6P3hz5gyNyosgr2PTHrOVHqp5OL2TOuHteXP0-3D4SUf_ijyvz-2FeT9gx-2F0tD1bhXgyU0kITCwf-2Fq11N-2BPGkChnel-2BOattCK625kZyUJwsISrSzhVVASoRSeBrcmpFXqiqoyNRQ53Sy4xYX1hxz6kEYC7ME-2FY4FzfD1ZUduFxMzL5T2iCCmJu6F-2B5EZulowfypWRbfRx82IxmE-2FH6VfsBRlQMm8ycIodzj7qxyFBUlsF-2B9De7zozN3tdyGTKMuDlddbA-3D-3D HTTP 302
- https://11e8o.trk.elasticemail.com/tracking/click?d=buUc2qPSrewQafNjfiJ-Tl9gdFeOLxl3DL2SwbKRg5dmnVF4D_oLrY2gix-yjWbN2j1ShaALSgX_FaND2R97yLHCDeohyYQZ98mpAxHy3uR6MejUaCjKuhEUuFPzjeBAB7J9VoGR7ujfOqtT_pMlxSwLNSEdzu8QBPcmaGFCeQuF_MTKeGYS13u0mjyextrCSg2 HTTP 302
- https://itsssl.com/impots-gouv-fr-votre-remboursement2021 HTTP 301
- http://khad180521-001-site1.itempurl.com/redlin-imp-fr2105/
2 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / khad180521-001-site1.itempurl.com/redlin-imp-fr2105/ (Redirect Chain) | 312 B 696 B | Document text/html |
GET H/1.1 | gouv-fr remboursem.temp.swtest.ru/cfspart.impots.gouv.fr-portail-remboursementrapide/LoginAccess=true_FranceConnect/aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyLw==/gouv-fr/ (Primary Request) | 310 KB 310 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 925 B 0 | Image image/png |
GET DATA | truncated / | 11 KB 0 | Image image/jpeg |
GET DATA | truncated / | 103 KB 103 KB | Font application/font-ttf |
GET DATA | truncated / | 105 KB 105 KB | Font application/font-ttf |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.