ia801507.us.archive.org Open in urlscan Pro
207.241.228.157 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u.to/0Y2qGw
Effective URL:
https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20V...
Submission Tags: phishing
Submission: On October 12 via api (October 12th 2021, 11:55:46 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 207.241.228.157, located in San Francisco, United States and belongs to INTERNET-ARCHIVE, US. The main domain is ia801507.us.archive.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 23rd 2019. Valid for: 2 years.

This is the only time ia801507.us.archive.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	195.216.243.155 195.216.243.155	57724 (DDOS-GUARD) (DDOS-GUARD)
3 7	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
5	207.241.228.157 207.241.228.157	7941 (INTERNET-...) (INTERNET-ARCHIVE)
1	144.161.77.234 144.161.77.234	797 (AMERITECH-AS) (AMERITECH-AS)
12	5

1 195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.unet.com

u.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.158.134.119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 207.241.228.157 (San Francisco, United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia801507.us.archive.org

ia801507.us.archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.161.77.234 (United States)

ASN797 (AMERITECH-AS, US)
PTR: clcontent-ff.att.com

signin.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	archive.org ia801507.us.archive.org	135 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
1	att.com signin.att.com	9 KB
1	u.to u.to	1 KB
12	6

	Domain	Requested by
5	ia801507.us.archive.org	u.to ia801507.us.archive.org
5	mc.yandex.com	2 redirects u.to
2	counter.yadro.ru	1 redirects u.to
2	mc.yandex.ru	1 redirects u.to
1	signin.att.com	ia801507.us.archive.org
1	u.to
12	6

This site contains links to these domains. Also see Links.

Domain
www.att.com
attreg.att.net
about.att.com

Subject Issuer	Validity	Valid
u.to GoGetSSL RSA DV CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.us.archive.org Go Daddy Secure Certificate Authority - G2	`2019-12-23` - `2022-02-21`	2 years	crt.sh
*.att.com DigiCert SHA2 Secure Server CA	`2020-12-16` - `2021-12-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
Frame ID: 4AB4B576C9D63A26EB09B01BCAEAC30C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Screen

Page URL History Show full URLs

https://u.to/0Y2qGw Page URL
https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATI... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

211 kB
Transfer

600 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.att.com/acctmgmt/fid/lander?origination_point=tguard&Return_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DhdxB1zEBap%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_mode%3Dform_post%26alt_dest%3Dhttps%25253A%25252F%25252Fatt-yahoo.att.net%25252FFIM%25252Fsps%25252Fauth%25253FPartnerId%25253Dhttps%2525253A%2525252F%2525252Flogin.yahoo.com%2525252Fsaml2%26scope%3Dopenid%26response_type%3Did_token%26state%3DiRIFbIIb5r%26client_id%3Dm40842&Cancel_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DhdxB1zEBap%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_mode%3Dform_post%26alt_dest%3Dhttps%25253A%25252F%25252Fatt-yahoo.att.net%25252FFIM%25252Fsps%25252Fauth%25253FPartnerId%25253Dhttps%2525253A%2525252F%2525252Flogin.yahoo.com%2525252Fsaml2%26scope%3Dopenid%26response_type%3Did_token%26state%3DiRIFbIIb5r%26client_id%3Dm40842
Title: Forgot user ID?

Search URL Search Domain Scan URL

URL: https://www.att.com/acctmgmt/fpwd/lander?origination_point=tguard&Return_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DhdxB1zEBap%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_mode%3Dform_post%26alt_dest%3Dhttps%25253A%25252F%25252Fatt-yahoo.att.net%25252FFIM%25252Fsps%25252Fauth%25253FPartnerId%25253Dhttps%2525253A%2525252F%2525252Flogin.yahoo.com%2525252Fsaml2%26scope%3Dopenid%26response_type%3Did_token%26state%3DiRIFbIIb5r%26client_id%3Dm40842&Cancel_URL=https%3A%2F%2Foidc.idp.clogin.att.com%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DhdxB1zEBap%26redirect_uri%3Dhttps%253A%252F%252Fatt-yahoo.att.net%252Fisam%252Fsps%252Foidc%252Frp%252FATT-HBO-RP%252Fredirect%252FYahoo%26response_mode%3Dform_post%26alt_dest%3Dhttps%25253A%25252F%25252Fatt-yahoo.att.net%25252FFIM%25252Fsps%25252Fauth%25253FPartnerId%25253Dhttps%2525253A%2525252F%2525252Flogin.yahoo.com%2525252Fsaml2%26scope%3Dopenid%26response_type%3Did_token%26state%3DiRIFbIIb5r%26client_id%3Dm40842
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://attreg.att.net/PortalRegWeb/PortalRegController?callingAppId=OP
Title: Create one now

Search URL Search Domain Scan URL

URL: https://www.att.com/support/article/wireless/KM1375558/
Title: Learn about ZenKey

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/legal-policy-center.html
Title: Legal policy center

Search URL Search Domain Scan URL

URL: https://about.att.com/sites/privacy_policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/terms.attWebsiteTermsOfUse.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.att.com/features/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://about.att.com/csr/home/privacy/rights_choices.html
Title: Do not sell my personal information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u.to/0Y2qGw Page URL
https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244 HTTP 302
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244

Request Chain 3

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9424.UKtw6N5wYrzJk2azP1kJfZzUp4pFfvgrbxh5DcsWqRguKIG8nHTj6DNKfx-TAJ-s.vYIi-h1w7hWbTJ0C2PmaOsIuZwg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9424.zU9mtq_CSK8Yd2tj8352DxsxLIJlABANJf2uAK5_OwaJDLDO0k2obz6KddHTYw7O5wQ_VxK_AB7VTaauYZWhlg%2C%2C.V1RHlNnf0eajONiqTZ1WM1HIir0%2C

Request Chain 5

https://mc.yandex.com/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A280843417298%3Ahid%3A288794430%3Az%3A0%3Ai%3A202101012115542%3Aet%3A1634039743%3Ac%3A1%3Arn%3A900926045%3Arqn%3A1%3Au%3A1634039743682107928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634039742000%3Ads%3A6%2C145%2C74%2C0%2C0%2C0%2C%2C16%2C0%2C%2C%2C%2C245%3Adsn%3A6%2C145%2C74%2C1%2C0%2C0%2C%2C19%2C0%2C%2C%2C%2C246%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634039743%3At%3ARedirecting HTTP 302
https://mc.yandex.com/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A280843417298%3Ahid%3A288794430%3Az%3A0%3Ai%3A202101012115542%3Aet%3A1634039743%3Ac%3A1%3Arn%3A900926045%3Arqn%3A1%3Au%3A1634039743682107928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634039742000%3Ads%3A6%2C145%2C74%2C0%2C0%2C0%2C%2C16%2C0%2C%2C%2C%2C245%3Adsn%3A6%2C145%2C74%2C1%2C0%2C0%2C%2C19%2C0%2C%2C%2C%2C246%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634039743%3At%3ARedirecting

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 0Y2qGw Show response
u.to/ 1 KB
1 KB 225ms
74ms Document
text/html 195.216.243.155
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://u.to/0Y2qGw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: s5.unet.com
Software: nginx/1.8.0 /
Resource Hash: 0c4ebeee4560b18ab90dd4298e7a691362aba5decb908843867641508613196c

Request headers

Host: u.to
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.8.0
Date: Tue, 12 Oct 2021 11:55:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: lng=de; path=/; expires=Wed, 12-Oct-2022 11:55:42 GMT; domain=.u.to;
Cache-Control: no-cache no-store
Pragma: no-cache
Vary: host
Content-Encoding: gzip

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 191 KB
65 KB 217ms
63ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: u.to
URL: https://u.to/0Y2qGw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 12 Oct 2021 11:55:42 GMT
content-encoding: br
last-modified: Tue, 12 Oct 2021 11:33:46 GMT
etag: "6165486a-1031a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66330
expires: Tue, 12 Oct 2021 12:55:42 GMT

GET
H/1.1

200
OK

hit;utostat
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244

43 B
528 B

46ms
46ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244

Requested by

Host: u.to
URL: https://u.to/0Y2qGw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Pragma: no-cache
Date: Tue, 12 Oct 2021 11:55:51 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 11 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Oct 2021 11:55:51 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/0Y2qGw;1634039742244
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 11 Oct 2020 21:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9424.UKtw6N5wYrzJk2azP1kJfZzUp4pFfvgrbxh5DcsWqRguKIG8nHTj6DNKfx-TAJ-s.vYIi-h1w7hWbTJ0C2PmaOsIuZwg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9424.zU9mtq_CSK8Yd2tj8352DxsxLIJlABANJf2uAK5_OwaJDLDO0k2obz6KddHTYw7O5wQ_VxK_AB7VTaauYZWhlg%2C%2C.V1RHlNnf0eajONiqTZ1WM1HIir0%2C

57 B
57 B

32ms
32ms

Image
text/html

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9424.zU9mtq_CSK8Yd2tj8352DxsxLIJlABANJf2uAK5_OwaJDLDO0k2obz6KddHTYw7O5wQ_VxK_AB7VTaauYZWhlg%2C%2C.V1RHlNnf0eajONiqTZ1WM1HIir0%2C

Requested by

Host: u.to
URL: https://u.to/0Y2qGw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

0b5d25d725de817533ea2383733d50bf153071af3405b993cba4f71ff7741017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 12 Oct 2021 11:55:42 GMT
strict-transport-security: max-age=31536000
content-length: 57
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9424.zU9mtq_CSK8Yd2tj8352DxsxLIJlABANJf2uAK5_OwaJDLDO0k2obz6KddHTYw7O5wQ_VxK_AB7VTaauYZWhlg%2C%2C.V1RHlNnf0eajONiqTZ1WM1HIir0%2C
date: Tue, 12 Oct 2021 11:55:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 32ms
32ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: u.to
URL: https://u.to/0Y2qGw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 12 Oct 2021 11:55:42 GMT
last-modified: Tue, 12 Oct 2021 11:33:46 GMT
etag: "6165486a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 12 Oct 2021 12:55:42 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/51604940/
Redirect Chain

https://mc.yandex.com/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A66...
https://mc.yandex.com/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...

330 B
412 B

32ms
32ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A280843417298%3Ahid%3A288794430%3Az%3A0%3Ai%3A202101012115542%3Aet%3A1634039743%3Ac%3A1%3Arn%3A900926045%3Arqn%3A1%3Au%3A1634039743682107928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634039742000%3Ads%3A6%2C145%2C74%2C0%2C0%2C0%2C%2C16%2C0%2C%2C%2C%2C245%3Adsn%3A6%2C145%2C74%2C1%2C0%2C0%2C%2C19%2C0%2C%2C%2C%2C246%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634039743%3At%3ARedirecting

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

214dcbed35ad2c9e1db14b00fc9061400f9d56d738e742627eaf6dca430638ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 12-Oct-2021 11:55:42 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://u.to
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 330
x-xss-protection: 1; mode=block
expires: Tue, 12-Oct-2021 11:55:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:42 GMT
last-modified: Tue, 12-Oct-2021 11:55:42 GMT
location: /watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F0Y2qGw&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A280843417298%3Ahid%3A288794430%3Az%3A0%3Ai%3A202101012115542%3Aet%3A1634039743%3Ac%3A1%3Arn%3A900926045%3Arqn%3A1%3Au%3A1634039743682107928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634039742000%3Ads%3A6%2C145%2C74%2C0%2C0%2C0%2C%2C16%2C0%2C%2C%2C%2C245%3Adsn%3A6%2C145%2C74%2C1%2C0%2C0%2C%2C19%2C0%2C%2C%2C%2C246%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634039743%3At%3ARedirecting
strict-transport-security: max-age=31536000
access-control-allow-origin: https://u.to
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 12-Oct-2021 11:55:42 GMT

GET
H2 200 Primary Request view_archive.php Show response
ia801507.us.archive.org/ 335 KB
71 KB 1403ms
1070ms Document
text/html 207.241.228.157
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Requested by

Host: u.to
URL: https://u.to/0Y2qGw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.228.157 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia801507.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e65a0a4a012273a64e15baeae4b3ba17a15f2cacc7fb799eb46f2e7b663ddfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:method: GET
:authority: ia801507.us.archive.org
:scheme: https
:path: /view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://u.to/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Accept-Language: de-DE,de;q=0.9
Referer: https://u.to/

Response headers

server: nginx/1.18.0 (Ubuntu)
date: Tue, 12 Oct 2021 11:55:44 GMT
content-type: text/html;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=10800
content-disposition: inline; filename="AT_T VERIFICATION.htm"
strict-transport-security: max-age=15724800
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip

GET
H2 404 styles.css
ia801507.us.archive.org/css/ 0
0 193ms
193ms Stylesheet
text/html 207.241.228.157
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://ia801507.us.archive.org/css/styles.css

Requested by

Host: ia801507.us.archive.org
URL: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.228.157 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia801507.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:path: /css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ia801507.us.archive.org
referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=15724800
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
set-cookie: donation-identifier=f046536d2002089cdffb69f3282df84b; expires=Wed, 12-Oct-2022 11:55:44 GMT; Max-Age=31536000; path=/; domain=.archive.org abtest-identifier=2496b36dc24ea196369fd892b1c63677; expires=Wed, 12-Oct-2022 11:55:44 GMT; Max-Age=31536000; path=/; domain=.archive.org PHPSESSID=265r72nk5qbhqgjf5ft2r597pq; path=/; domain=.archive.org
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK att-logo.svg
signin.att.com/static/siam//en/halo_c/images/logos/ 8 KB
9 KB 766ms
162ms Image
image/svg+xml 144.161.77.234
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://signin.att.com/static/siam//en/halo_c/images/logos/att-logo.svg

Requested by

Host: ia801507.us.archive.org
URL: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.161.77.234 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

clcontent-ff.att.com

Software

Resource Hash

6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 12 Oct 2021 11:55:45 GMT
last-modified: Fri, 08 Oct 2021 07:45:48 GMT
etag: "20b1-5cdd2914b2300"
x-frame-options: SAMEORIGIN
iam_on: 604
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-type: image/svg+xml
apser: p578
content-length: 8369

GET
H2 404 ATTAleckSans_W_Rg.woff
ia801507.us.archive.org/ 0
0 227ms
226ms Font
text/html 207.241.228.157
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://ia801507.us.archive.org/ATTAleckSans_W_Rg.woff

Requested by

Host: ia801507.us.archive.org
URL: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.228.157 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia801507.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-fetch-mode: cors
origin: https://ia801507.us.archive.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: donation-identifier=f046536d2002089cdffb69f3282df84b; abtest-identifier=2496b36dc24ea196369fd892b1c63677; PHPSESSID=265r72nk5qbhqgjf5ft2r597pq
:path: /ATTAleckSans_W_Rg.woff
pragma: no-cache
user-agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept: */*
cache-control: no-cache
:authority: ia801507.us.archive.org
referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
Origin: https://ia801507.us.archive.org
Accept-Language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=15724800
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 zenkey-icon.svg
ia801507.us.archive.org/ 64 KB
64 KB 213ms
212ms Image
text/html 207.241.228.157
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ia801507.us.archive.org/zenkey-icon.svg

Requested by

Host: ia801507.us.archive.org
URL: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.228.157 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia801507.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

54279f958152c0321691256454570c5aba7558ed03f0694194aaaefe591158f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:path: /zenkey-icon.svg
pragma: no-cache
cookie: donation-identifier=f046536d2002089cdffb69f3282df84b; abtest-identifier=2496b36dc24ea196369fd892b1c63677; PHPSESSID=265r72nk5qbhqgjf5ft2r597pq
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ia801507.us.archive.org
referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=15724800
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 ATTAleckSans_W_Md.woff
ia801507.us.archive.org/ 0
0 196ms
196ms Font
text/html 207.241.228.157
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://ia801507.us.archive.org/ATTAleckSans_W_Md.woff

Requested by

Host: ia801507.us.archive.org
URL: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.228.157 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

ia801507.us.archive.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-fetch-mode: cors
origin: https://ia801507.us.archive.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: donation-identifier=f046536d2002089cdffb69f3282df84b; abtest-identifier=2496b36dc24ea196369fd892b1c63677; PHPSESSID=265r72nk5qbhqgjf5ft2r597pq
:path: /ATTAleckSans_W_Md.woff
pragma: no-cache
user-agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept: */*
cache-control: no-cache
:authority: ia801507.us.archive.org
referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ia801507.us.archive.org/view_archive.php?archive=/9/items/at-t-verification_202110/AT_T%20VERIFICATION.zip&file=AT_T%20VERIFICATION.htm
Origin: https://ia801507.us.archive.org
Accept-Language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 11:55:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=15724800
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.u.to/	1970-01-20 06:39:35	Name: lng Value: de
.yadro.ru/	1970-01-20 06:38:41	Name: FTID Value: 1XPNV72H6M8B1XPNV70022VL
.yadro.ru/	1970-01-20 06:38:41	Name: VID Value: 0Yacci16Kt8B1XPNV70022XV
.u.to/	1970-01-20 06:39:35	Name: _ym_uid Value: 1634039743682107928
.u.to/	1970-01-20 06:39:35	Name: _ym_d Value: 1634039743
.u.to/	1970-01-19 21:55:11	Name: _ym_isad Value: 2
.archive.org/	1970-01-20 06:39:35	Name: donation-identifier Value: f046536d2002089cdffb69f3282df84b
.archive.org/	1970-01-20 06:39:35	Name: abtest-identifier Value: 2496b36dc24ea196369fd892b1c63677
.archive.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 265r72nk5qbhqgjf5ft2r597pq

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9424.zU9mtq_CSK8Yd2tj8352DxsxLIJlABANJf2uAK5_OwaJDLDO0k2obz6KddHTYw7O5wQ_VxK_AB7VTaauYZWhlg%2C%2C.V1RHlNnf0eajONiqTZ1WM1HIir0%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ia801507.us.archive.org/css/styles.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ia801507.us.archive.org/ATTAleckSans_W_Md.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ia801507.us.archive.org/zenkey-icon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ia801507.us.archive.org/ATTAleckSans_W_Rg.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
ia801507.us.archive.org
mc.yandex.com
mc.yandex.ru
signin.att.com
u.to
144.161.77.234
195.216.243.155
207.241.228.157
88.212.201.204
93.158.134.119
0b5d25d725de817533ea2383733d50bf153071af3405b993cba4f71ff7741017
0c4ebeee4560b18ab90dd4298e7a691362aba5decb908843867641508613196c
214dcbed35ad2c9e1db14b00fc9061400f9d56d738e742627eaf6dca430638ec
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
54279f958152c0321691256454570c5aba7558ed03f0694194aaaefe591158f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
e65a0a4a012273a64e15baeae4b3ba17a15f2cacc7fb799eb46f2e7b663ddfad

ia801507.us.archive.org Open in urlscan Pro 207.241.228.157 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

211 kBTransfer

600 kBSize

9 Cookies

9 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

9 Cookies

5 Console Messages

Indicators

ia801507.us.archive.org Open in urlscan Pro
207.241.228.157 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

211 kB
Transfer

600 kB
Size

9
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!