xxwrg.whateverittakes.ru
217.8.117.39
Public Scan
Effective URL: https://xxwrg.whateverittakes.ru/j.php?_V_=2&_K11_=CCEF77BF65889E5B38BA393A9460256F7&6p73i6vntubgui9tcp969F6BBE&_L54AD1F204_=c2Nl...
Submission: On November 18 via manual from FR
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 11th 2020. Valid for: 3 months.
This is the only time xxwrg.whateverittakes.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 50.63.72.1 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
1 | 217.8.117.39 | 47510 (CREXFEXPEX-RUSSIA2) |
1 | 195.138.255.17 | 201011 (NETZBETRIEB-GMBH) |
4 | 2.16.186.19 | 20940 (AKAMAI-ASN1) |
1 | 104.109.58.120 | 20940 (AKAMAI-ASN1) |
8 | 5 |
- ASN26496 (AS-26496-GO-DADDY-COM-LLC, US); PTR: p3nlhg364c1364.shr.prod.phx3.secureserver.net; domain: elitetank.com
- ASN20940 (AKAMAI-ASN1, EU); PTR: a2-16-186-19.deploy.static.akamaitechnologies.com; domain: twoo-a.akamaihd.net
- ASN20940 (AKAMAI-ASN1, EU); PTR: a104-109-58-120.deploy.static.akamaitechnologies.com; domain: www.twoo.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | akamaihd.net | twoo02-a.akamaihd.net, twoo-a.akamaihd.net | 22 KB |
1 | twoo.com | www.twoo.com | 766 B |
1 | whateverittakes.ru | xxwrg.whateverittakes.ru | 35 KB |
1 | elitetank.com | elitetank.com | 749 B |
8 | 4 |
Requests | Domain | Requested by |
---|---|---|
4 | twoo-a.akamaihd.net | xxwrg.whateverittakes.ru |
1 | www.twoo.com | xxwrg.whateverittakes.ru |
1 | twoo02-a.akamaihd.net | xxwrg.whateverittakes.ru |
1 | xxwrg.whateverittakes.ru | elitetank.com |
1 | elitetank.com | |
8 | 5 |
This site contains links to these domains.
Domain |
---|
www.twoo.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
xxwrg.whateverittakes.ru | Let's Encrypt Authority X3 | 2020-10-11 - 2021-01-09 | 3 months |
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2020-07-15 - 2021-09-13 | a year |
twoo.com | GeoTrust RSA CA 2018 | 2020-03-31 - 2021-05-30 | a year |
This page contains 1 frames:
Primary Page:
https://xxwrg.whateverittakes.ru/j.php?_V_=2&_K11_=CCEF77BF65889E5B38BA393A9460256F7&6p73i6vntubgui9tcp969F6BBE&_L54AD1F204_=c2NlbmFyaW89TUxDUEcmdGFyZ2V0PWh0dHBzOi8vd3d3Lm5oLWhvdGVscy5mci9vZmZyZXMvc3VtbWVyLXByb21vP3V0bV9tZWRpdW09ZW1haWxpbmcmdXRtX3NvdXJjZT1pbnRlcm5hbC1hbGwmdXRtX2NhbXBhaWduPWVtYWlsaW5nX2ludGVybmFsLWFsbCZ1dG1fdGVybT0yMDIwLjA1LXN1bW1lcnByb21vJnV0bV9jb250ZW50PUZSJmNhbXBpZD05Njc1MDM0JnNhcC1vdXRib3VuZC1pZD1GRfM2RUEyQjQ5RkM1QzJGNEE1MzUxQTIxMDczQkY2NDJEOUYyMjZB&_K13_=10&_K14_=c5b20fce2a0fa06295ed830c817558df4bb7b3b49f9df69cd9b2cbb54d1c0d1f
Frame ID: 517F1546423471BF3DA109B69E8A5D07
Requests: 8 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title:
Title:
Title:
Title:
Title: {% GET|MAIL TO %}
Title: Se désinscrire
Title: conseils de sécurité
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://elitetank.com/j.php?_V_=2&_K11_=CCEF77BF65889E5B38BA393A9460256F7&6p73i6vntubgui9tcp969F6BBE&_L54AD1F204_=c2NlbmFyaW89TUxDUEcmdGFyZ2V0PWh0dHBzOi8vd3d3Lm5oLWhvdGVscy5mci9vZmZyZXMvc3VtbWVyLXByb21vP3V0bV9tZWRpdW09ZW1haWxpbmcmdXRtX3NvdXJjZT1pbnRlcm5hbC1hbGwmdXRtX2NhbXBhaWduPWVtYWlsaW5nX2ludGVybmFsLWFsbCZ1dG1fdGVybT0yMDIwLjA1LXN1bW1lcnByb21vJnV0bV9jb250ZW50PUZSJmNhbXBpZD05Njc1MDM0JnNhcC1vdXRib3VuZC1pZD1GRfM2RUEyQjQ5RkM1QzJGNEE1MzUxQTIxMDczQkY2NDJEOUYyMjZB&_K13_=10&_K14_=c5b20fce2a0fa06295ed830c817558df4bb7b3b49f9df69cd9b2cbb54d1c0d1f Page URL
- https://xxwrg.whateverittakes.ru/j.php?_V_=2&_K11_=CCEF77BF65889E5B38BA393A9460256F7&6p73i6vntubgui9tcp969F6BBE&_L54AD1F204_=c2NlbmFyaW89TUxDUEcmdGFyZ2V0PWh0dHBzOi8vd3d3Lm5oLWhvdGVscy5mci9vZmZyZXMvc3VtbWVyLXByb21vP3V0bV9tZWRpdW09ZW1haWxpbmcmdXRtX3NvdXJjZT1pbnRlcm5hbC1hbGwmdXRtX2NhbXBhaWduPWVtYWlsaW5nX2ludGVybmFsLWFsbCZ1dG1fdGVybT0yMDIwLjA1LXN1bW1lcnByb21vJnV0bV9jb250ZW50PUZSJmNhbXBpZD05Njc1MDM0JnNhcC1vdXRib3VuZC1pZD1GRfM2RUEyQjQ5RkM1QzJGNEE1MzUxQTIxMDczQkY2NDJEOUYyMjZB&_K13_=10&_K14_=c5b20fce2a0fa06295ed830c817558df4bb7b3b49f9df69cd9b2cbb54d1c0d1f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method / Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | j.php | elitetank.com/ | 624 B | 749 B | Document | text/html |
GET H/1.1 | j.php (Primary Request) | xxwrg.whateverittakes.ru/ | 35 KB | 35 KB | Document | text/html |
GET H/1.1 | bc1e3b004710c2ca37669fd93c62d940_1_6_0_571_762_180_180_0008182545.jpg | twoo02-a.akamaihd.net/t/ | 8 KB | 9 KB | Image | image/jpeg |
GET H/1.1 | img-spotlight.png | twoo-a.akamaihd.net/static/163793610704667549/images/mails/v4/notifications/ | 4 KB | 5 KB | Image | image/png |
GET H/1.1 | appstore.png | twoo-a.akamaihd.net/static/17177675059261116025/images/homepage/appstore/fr/ | 2 KB | 3 KB | Image | image/png |
GET H/1.1 | playstore.png | twoo-a.akamaihd.net/static/1385306385986216406256/images/homepage/playstore/fr/ | 4 KB | 5 KB | Image | image/png |
GET H/1.1 | logo-twoo-flat2x.png | twoo-a.akamaihd.net/static/17156520574362430695506/images/logos/ | 1 KB | 1 KB | Image | image/png |
GET H2 | aT0yZm8td3lpaXE1LTRoNGpxYWN0LWMxMCZ0PTEwMjkmdWk9MTU5NTIzODI3MzctMTk5Mjg4ODY1My0xMDI5JTJGMSUyRjQlMkYyNDkmYT04ZWVldHFfNzcxYjczMGE1Nw.gif | www.twoo.com/mailimage/ | 43 B | 766 B | Image | image/gif |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.