2baksa.ws Open in urlscan Pro
2606:4700:3030::ac43:da6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.2baksa.net/
Effective URL:
http://2baksa.ws/
Submission: On April 04 via manual (April 4th 2022, 6:34:44 pm UTC) from US — Scanned from DE

Summary HTTP 208 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 20 domains to perform 208 HTTP transactions. The main IP is 2606:4700:3030::ac43:da6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2baksa.ws.

This is the only time 2baksa.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
94	2606:4700:303... 2606:4700:3030::ac43:da6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	80.87.200.35 80.87.200.35	29182 (THEFIRST-AS) (THEFIRST-AS)
1	62.109.31.142 62.109.31.142	29182 (THEFIRST-AS) (THEFIRST-AS)
2	109.235.165.222 109.235.165.222	43247 (YOOMONEY-AS) (YOOMONEY-AS)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
22	185.71.78.18 185.71.78.18	43247 (YOOMONEY-AS) (YOOMONEY-AS)
8	91.227.52.14 91.227.52.14	56806 (ASCOM4S) (ASCOM4S)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3 6	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3 9	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
1 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	91.227.52.83 91.227.52.83	56806 (ASCOM4S) (ASCOM4S)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE)
4	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
208	20

44 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.2baksa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nowa.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2606:4700:3030::ac43:da6b (United States)

ASN13335 (CLOUDFLARENET, US)

2baksa.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.87.200.35 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: i6.imageban.ru

i6.imageban.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.31.142 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: info24.fvds.ru

i2.imageban.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.235.165.222 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 109-235-165-222.yamoney.ru

yoomoney.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.71.78.18 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 185-71-78-18.yamoney.ru

static.yoomoney.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.227.52.14 (Balashikha, Russian Federation)

ASN56806 (ASCOM4S, RU)

funding.webmoney.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.212.201.216 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 89.208.236.251 (Reutov, Russian Federation) 3 redirects

ASN12695 (DINET-AS, RU)

js.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit5.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit32.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit17.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.227.52.83 (Balashikha, Russian Federation)

ASN56806 (ASCOM4S, RU)

counter.web.money	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.19.89.16 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	2baksa.ws 2baksa.ws	1 MB
43	nowa.cc nowa.cc	279 KB
24	yoomoney.ru yoomoney.ru — Cisco Umbrella Rank: 106466 static.yoomoney.ru — Cisco Umbrella Rank: 183655	586 KB
9	hotlog.ru 3 redirects js.hotlog.ru — Cisco Umbrella Rank: 315704 hit5.hotlog.ru — Cisco Umbrella Rank: 483077 hit32.hotlog.ru hit17.hotlog.ru	11 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 103 accounts.google.com — Cisco Umbrella Rank: 82	133 KB
8	webmoney.ru funding.webmoney.ru	89 KB
6	yadro.ru 3 redirects counter.yadro.ru — Cisco Umbrella Rank: 7548	3 KB
5	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 9053	3 KB
4	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 26861	2 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 647	512 B
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 396	24 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	17 KB
2	web.money counter.web.money	2 KB
2	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 2894	137 KB
2	imageban.ru i6.imageban.ru — Cisco Umbrella Rank: 276482 i2.imageban.ru — Cisco Umbrella Rank: 248546	51 KB
1	gstatic.com ssl.gstatic.com	5 KB
1	top100.ru st.top100.ru — Cisco Umbrella Rank: 30114	63 KB
1	goo.gl 1 redirects goo.gl — Cisco Umbrella Rank: 7853	1023 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 2814	284 B
1	2baksa.net 1 redirects www.2baksa.net	654 B
208	20

	Domain	Requested by
94	2baksa.ws	2baksa.ws nowa.cc
43	nowa.cc	2baksa.ws nowa.cc
22	static.yoomoney.ru	yoomoney.ru static.yoomoney.ru
8	funding.webmoney.ru	2baksa.ws funding.webmoney.ru nowa.cc
6	apis.google.com	nowa.cc apis.google.com accounts.google.com
6	counter.yadro.ru	3 redirects 2baksa.ws nowa.cc
5	mc.yandex.com	1 redirects 2baksa.ws mc.yandex.ru
4	kraken.rambler.ru	st.top100.ru nowa.cc
3	js.hotlog.ru	2baksa.ws nowa.cc
2	bam.nr-data.net	js-agent.newrelic.com
2	js-agent.newrelic.com	2baksa.ws
2	hit17.hotlog.ru	1 redirects 2baksa.ws
2	www.google-analytics.com	2baksa.ws
2	accounts.google.com	apis.google.com 2baksa.ws
2	hit32.hotlog.ru	1 redirects nowa.cc
2	counter.web.money	funding.webmoney.ru
2	hit5.hotlog.ru	1 redirects 2baksa.ws
2	mc.yandex.ru	static.yoomoney.ru
2	yoomoney.ru	2baksa.ws
1	ssl.gstatic.com	accounts.google.com
1	st.top100.ru	nowa.cc
1	goo.gl	1 redirects
1	bit.ly	1 redirects
1	i2.imageban.ru	2baksa.ws
1	i6.imageban.ru	2baksa.ws
1	www.2baksa.net	1 redirects
208	26

This site contains links to these domains. Also see Links.

Domain
translate.google.com
nowa.cc
www.portmone.com.ua
www.liveinternet.ru
click.hotlog.ru

Subject Issuer	Validity	Valid
*.imageban.ru Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-08-29`	a year	crt.sh
yoomoney.ru Sectigo RSA Organization Validation Secure Server CA	`2021-12-02` - `2022-11-24`	a year	crt.sh
static.yoomoney.ru Sectigo RSA Organization Validation Secure Server CA	`2021-12-15` - `2023-01-05`	a year	crt.sh
*.webmoney.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-10` - `2022-06-10`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.web.money Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-12`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://2baksa.ws/
Frame ID: A4C60E901E7C6F366B1E584E109DE09C
Requests: 56 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D1%83%202BakSa.WS&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=http%3A%2F%2F2baksa.ws%2F&quickpay=shop&account=410013204813773&
Frame ID: 51395B74E6051AEFCD19EFC9205908F0
Requests: 17 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D1%83%202BakSa.WS&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=http%3A%2F%2F2baksa.ws%2F&quickpay=shop&account=410013204813773&
Frame ID: 3DC385853610211327B5E8FCF730847F
Requests: 17 HTTP requests in this frame

Frame: http://2baksa.ws/eempty.html
Frame ID: C18A29EF84F7FDB47238C68C0BA369B9
Requests: 49 HTTP requests in this frame

Frame: https://funding.webmoney.ru/widgets/horizontal/289eb288-6602-408a-933c-2133a6673677?bt=0&hs=1&sum=100
Frame ID: 8B058715FAE4C38F87B0265A5ACCA055
Requests: 5 HTTP requests in this frame

Frame: http://nowa.cc/eempty.html
Frame ID: 345E90F9F6948C331C02A145EFC1CA96
Requests: 58 HTTP requests in this frame

Frame: https://funding.webmoney.ru/widgets/horizontal/425e18d2-1df9-42ee-9a02-42f0f911aadd?hs=1&bt=0&sum=200
Frame ID: 6172EC90D65CF3C68A5AFA506580EA8E
Requests: 5 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fnowa.cc&url=http%3A%2F%2Fnowa.cc%2Feempty.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: 4A137CAD93C8A073A20D36C67D35402D
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fnowa.cc&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I13-EL4NYtQ.O%2Fd%3D1%2Frs%3DAHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w%2Fm%3D__features__
Frame ID: 06EDC2E546589F0BC3F4CB7167DE6186
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2BakSa.WS

Page URL History Show full URLs

http://www.2baksa.net/ HTTP 301
http://2baksa.ws/ Page URL