u60301324l.ha003.t.justns.ru Open in urlscan Pro
2a00:b700::29 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://urlz.fr/bNvA
Effective URL:
http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Submission: On February 11 via manual (February 11th 2020, 3:31:59 pm UTC) from FR

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 18 domains to perform 43 HTTP transactions. The main IP is 2a00:b700::29, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u60301324l.ha003.t.justns.ru.

This is the only time u60301324l.ha003.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3038::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:b700::28 2a00:b700::28	51659 (ASBAXET) (ASBAXET)
5	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700:10:... 2606:4700:10::6814:8338	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:b700::2f 2a00:b700::2f	51659 (ASBAXET) (ASBAXET)
2 20	2a00:b700::29 2a00:b700::29	51659 (ASBAXET) (ASBAXET)
43	10

1 2606:4700:3038::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:b700::28 (Russian Federation)

ASN51659 (ASBAXET, RU)

u60305324s.ha003.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:8338 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:b700::2f (Russian Federation)

ASN51659 (ASBAXET, RU)

u60302324m.ha003.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:b700::29 (Russian Federation) 2 redirects

ASN51659 (ASBAXET, RU)

u60301324l.ha003.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	justns.ru 2 redirects u60305324s.ha003.t.justns.ru u60302324m.ha003.t.justns.ru u60301324l.ha003.t.justns.ru	122 KB
5	themoneytizer.com ads.themoneytizer.com	32 KB
1	criteo.com gum.criteo.com	371 B
1	contextweb.com tag.contextweb.com
1	zeotap.com spl.zeotap.com
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	2 KB
0	id5-sync.com Failed id5-sync.com Failed
0	noowho.com Failed www.noowho.com Failed
0	pepsia.com Failed player.pepsia.com Failed
0	cloudfront.net Failed d2zur9cc2gf1tx.cloudfront.net Failed
0	pubstack.io Failed tmzr.pubstack.io Failed
0	quantserve.com Failed secure.quantserve.com Failed
0	leadplace.fr Failed tag.leadplace.fr Failed
0	smartadserver.com Failed ww1097.smartadserver.com Failed
0	cpx.to Failed p.cpx.to Failed
0	onetag-sys.com Failed onetag-sys.com Failed
0	themoneytizer.net Failed g.themoneytizer.net Failed
43	18

	Domain	Requested by
20	u60301324l.ha003.t.justns.ru	2 redirects u60301324l.ha003.t.justns.ru
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	u60305324s.ha003.t.justns.ru	urlz.fr
1	u60302324m.ha003.t.justns.ru
1	gum.criteo.com	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr
0	id5-sync.com Failed
0	www.noowho.com Failed
0	player.pepsia.com Failed	urlz.fr
0	d2zur9cc2gf1tx.cloudfront.net Failed	ads.themoneytizer.com
0	tmzr.pubstack.io Failed	ads.themoneytizer.com
0	secure.quantserve.com Failed	ads.themoneytizer.com
0	tag.leadplace.fr Failed	ads.themoneytizer.com
0	ww1097.smartadserver.com Failed	ads.themoneytizer.com
0	p.cpx.to Failed	ads.themoneytizer.com
0	onetag-sys.com Failed	ads.themoneytizer.com
0	g.themoneytizer.net Failed	ads.themoneytizer.com
43	20

This site contains no links.

Subject Issuer	Validity	Valid
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
ssl828800.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-17` - `2020-03-25`	6 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Frame ID: 407A6EE115569A3A0A99446DD4BEF3B9
Requests: 39 HTTP requests in this frame

Frame: http://u60305324s.ha003.t.justns.ru/grusp.php
Frame ID: 487FC5246770A1824CEF5FD16CFBF00D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1581435103121
Frame ID: AA89D3BAA74D708F97EF38328FEBA627
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 5F716CACC2FAF331A2F78E9F4A9C41AB
Requests: 1 HTTP requests in this frame

Frame: http://u60305324s.ha003.t.justns.ru/grusp.php
Frame ID: 344589487F667EF32A00468B6CF697D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://urlz.fr/bNvA Page URL
http://u60305324s.ha003.t.justns.ru/grusp.php Page URL
http://u60302324m.ha003.t.justns.ru/plisk.php Page URL
http://u60301324l.ha003.t.justns.ru/ploiks HTTP 301
http://u60301324l.ha003.t.justns.ru/ploiks/ HTTP 302
http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

43
Requests

16 %
HTTPS

78 %
IPv6

18
Domains

20
Subdomains

10
IPs

4
Countries

160 kB
Transfer

437 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://urlz.fr/bNvA Page URL
http://u60305324s.ha003.t.justns.ru/grusp.php Page URL
http://u60302324m.ha003.t.justns.ru/plisk.php Page URL
http://u60301324l.ha003.t.justns.ru/ploiks HTTP 301
http://u60301324l.ha003.t.justns.ru/ploiks/ HTTP 302
http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set bNvA Show response
urlz.fr/ 3 KB
2 KB 64ms
50ms Document
text/html 2606:4700:3038::681f:bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/bNvA
Protocol: HTTP/1.1
Server: 2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25af0b7de2b007dab928d6e3548f1c016986c23452c9d612ac495be444a16d87

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de77a9120bdf3dbe2398740b3285450cd1581435102; expires=Thu, 12-Mar-20 15:31:42 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 56375f0f9eb297cc-FRA
Content-Encoding: gzip

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 15ms
14ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/bNvA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 15:31:42 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 15:56:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e417d3b-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 56375f0ffd89d6b9-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Thu, 13 Feb 2020 15:31:42 GMT

GET
H/1.1 200
OK grusp.php
u60305324s.ha003.t.justns.ru/ Frame 487F 0
0 403ms
246ms Document
text/html 2a00:b700::28
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60305324s.ha003.t.justns.ru/grusp.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/bNvA
Protocol: HTTP/1.1
Server: 2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u60305324s.ha003.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://urlz.fr/bNvA
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bNvA

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 98
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 11 Feb 2020 15:31:43 GMT
Server: LiteSpeed

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 41 KB
9 KB 45ms
23ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 9027c88213c91fda6fc48fc01fb902810ab8295ab0ebdf081884b3e0de9ff82c

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:42 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 12 Feb 2020 15:31:42 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 43ms
21ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: cd9634916457bc81c49f64958185b0b9ffdf036068f3c70bca71b5a6e2ba8940

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:36 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2607
Expires: Wed, 12 Feb 2020 15:31:36 GMT

GET /
g.themoneytizer.net/g/ 0
0

GET
H2 200 moneyvisibility.js
ads.themoneytizer.com/ 12 KB
4 KB 68ms
21ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 15:31:43 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Wed, 12 Feb 2020 15:31:38 GMT

GET
H2 200 moneybile.js
ads.themoneytizer.com/ 37 KB
16 KB 88ms
41ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 15:31:43 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 12 Feb 2020 15:31:20 GMT

GET /
onetag-sys.com/usync/ Frame AA89 0
0

GET
H2 200 /
spl.zeotap.com/ Frame 5F71 0
0 40ms
23ms Document
text/html 2606:4700:10::6814:8338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://urlz.fr/bNvA
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://urlz.fr/bNvA

Response headers

status: 200
date: Tue, 11 Feb 2020 15:31:43 GMT
content-type: text/html
set-cookie: __cfduid=d08266f70872b5416d25aa60c98f6ffce1581435103; expires=Thu, 12-Mar-20 15:31:43 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=86eb320f-f8f0-4bc3-4977-cf131c269e3a; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=86eb320f-f8f0-4bc3-4977-cf131c269e3a; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%EA_%DE%9C%C4E%C7%0DS%B9%B3%B6%D5%F6%1C%28%92%7B%90f%99%F6bt%E9Td_%DB%26%D0%E5N%E1%E5%CD%9A%B3%88%06R%3F%A0%BE%B5BAA%21%BBG%C2%60%00%8B%17%CE%89Z-%EExK%E0%8F%DE%F4%5C-%92%1D%9D%CE%07%5D%14%0D%A9%E7%21%F6m%99i0r7; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
alt-svc: clear
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56375f12ac6b1e47-FRA
content-encoding: br

GET
H2 200 getjs.static.js
tag.contextweb.com/ 32 KB
0 95ms
29ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 15:31:43 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET px.js
p.cpx.to/p/11528/ 0
0

GET config.js
ww1097.smartadserver.com/ 0
0

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
371 B 44ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
date: Tue, 11 Feb 2020 15:31:43 GMT
content-length: 165
expires: 60

GET libJsLP.js
tag.leadplace.fr/ 0
0

GET quant.js
secure.quantserve.com/ 0
0

GET d086759d-86af-4b34-852b-bb5d4c87aa38
tmzr.pubstack.io/v1/tag/ 0
0

GET notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 0
0

GET
H2 200 prebid.js
ads.themoneytizer.com/moneybid2_445/build/dist/ 44 KB
0 28ms
27ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/bNvA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 11 Feb 2020 15:31:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 08:55:32 GMT
server: nginx
etag: "3d881-64766-59e4904bdafb3"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 130952
expires: Wed, 12 Feb 2020 15:31:28 GMT

GET sdk.js
player.pepsia.com/ 0
0

GET
H/1.1 200
OK grusp.php
u60305324s.ha003.t.justns.ru/ Frame 3445 0
0 41ms
41ms Document
text/html 2a00:b700::28
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60305324s.ha003.t.justns.ru/grusp.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/bNvA
Protocol: HTTP/1.1
Server: 2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u60305324s.ha003.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://urlz.fr/bNvA
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bNvA

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 98
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 11 Feb 2020 15:31:43 GMT
Server: LiteSpeed

GET image.php
www.noowho.com/ 0
0

GET 9.gif
id5-sync.com/i/12/ 0
0

GET
H/1.1 200
OK grusp.php Show response
u60305324s.ha003.t.justns.ru/ 85 B
315 B 41ms
41ms Document
text/html 2a00:b700::28
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60305324s.ha003.t.justns.ru/grusp.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/bNvA
Protocol: HTTP/1.1
Server: 2a00:b700::28 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0eb390e9ba9c881aa4a3563149d8a9c343e7ee1ff326821bc5b77eb436efaf71

Request headers

Host: u60305324s.ha003.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://urlz.fr/bNvA
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bNvA

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 98
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 11 Feb 2020 15:31:43 GMT
Server: LiteSpeed

GET
H/1.1 200
OK plisk.php Show response
u60302324m.ha003.t.justns.ru/ 87 B
322 B 1825ms
1641ms Document
text/html 2a00:b700::2f
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60302324m.ha003.t.justns.ru/plisk.php
Protocol: HTTP/1.1
Server: 2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cca7a6dc4c01ca7a614b551f2f18e7f0fbba6f382dc0adf297322dac1102e091

Request headers

Host: u60302324m.ha003.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://u60305324s.ha003.t.justns.ru/grusp.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://u60305324s.ha003.t.justns.ru/grusp.php

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 104
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 11 Feb 2020 15:31:45 GMT
Server: LiteSpeed

GET
H/1.1

200
OK

Primary Request ssl.php Show response
u60301324l.ha003.t.justns.ru/ploiks/
Redirect Chain

http://u60301324l.ha003.t.justns.ru/ploiks
http://u60301324l.ha003.t.justns.ru/ploiks/
http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU

16 KB
5 KB

45ms
44ms

Document
text/html

2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6c5b4a6b21bd4b6cae49bde18902af1596e2575e0b1ef149454442f75c9a68ea

Request headers

Host: u60301324l.ha003.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://u60302324m.ha003.t.justns.ru/plisk.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://u60302324m.ha003.t.justns.ru/plisk.php

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 4774
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 11 Feb 2020 15:31:46 GMT
Server: LiteSpeed

Redirect headers

Connection: Keep-Alive
Location: ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Tue, 11 Feb 2020 15:31:46 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent

GET
H/1.1 200
OK antiquus.css
u60301324l.ha003.t.justns.ru/ploiks/img/ 26 KB
4 KB 41ms
40ms Stylesheet
text/css 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/antiquus.css
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 03:07:27 GMT
Server: LiteSpeed
Etag: "66a1-5e40c8ef-af24235b94b5481a;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3739
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK styles.css
u60301324l.ha003.t.justns.ru/ploiks/img/ 80 KB
15 KB 80ms
39ms Stylesheet
text/css 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f200b06c8442200a5a36b199ebdfe810115cdb8973df873db4370f6a68239d06

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 03:07:34 GMT
Server: LiteSpeed
Etag: "13f4d-5e40c8f6-6fe358a1381ff990;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15362
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK styles-mod.css
u60301324l.ha003.t.justns.ru/ploiks/img/ 14 KB
4 KB 80ms
40ms Stylesheet
text/css 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles-mod.css
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 01da4e861e3a45faf7f7cbb6de898ec71b2ad3f85488dca42924305b1d4107eb

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 03:07:33 GMT
Server: LiteSpeed
Etag: "37e5-5e40c8f5-644bb557330bc97b;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3941
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK 2.PNG
u60301324l.ha003.t.justns.ru/ploiks/img/ 6 KB
7 KB 83ms
41ms Image
image/png 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/2.PNG
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 46a55e83380d38b850b158ab5a161ed8381be31a83b4ebdb70673d429a66984c

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Last-Modified: Mon, 10 Feb 2020 03:07:25 GMT
Server: LiteSpeed
Etag: "199f-5e40c8ed-b909fdebefaa8ab7;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6559
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK 4.PNG
u60301324l.ha003.t.justns.ru/ploiks/img/ 62 KB
62 KB 82ms
41ms Image
image/png 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/4.PNG
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2a9238404356dd38cde454db089022e19ba6c73641ee7e24a04e9f046e420cdd

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Last-Modified: Mon, 10 Feb 2020 03:07:26 GMT
Server: LiteSpeed
Etag: "f83f-5e40c8ee-2861ba803b654e73;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 63551
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK 1.PNG
u60301324l.ha003.t.justns.ru/ploiks/img/ 5 KB
5 KB 82ms
40ms Image
image/png 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/1.PNG
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dbfbcbafd2d82f705eb25d811a858ffe6affa7aced9d4c0e0fb826637c8c0e3d

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Last-Modified: Mon, 10 Feb 2020 03:07:24 GMT
Server: LiteSpeed
Etag: "147d-5e40c8ec-4b5b38d28c2bc09e;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5245
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK point_transp.gif
u60301324l.ha003.t.justns.ru/ploiks/img/ 87 B
437 B 46ms
45ms Image
image/gif 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/point_transp.gif
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Last-Modified: Mon, 10 Feb 2020 03:07:32 GMT
Server: LiteSpeed
Etag: "57-5e40c8f4-d79d67676bade8b7;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK 3.PNG
u60301324l.ha003.t.justns.ru/ploiks/img/ 3 KB
3 KB 41ms
40ms Image
image/png 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/3.PNG
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 981fc6bc288f27176dfd0511a1ca0e867bf6f63e6e04c076afbb9fe4fdf180af

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Last-Modified: Mon, 10 Feb 2020 03:07:25 GMT
Server: LiteSpeed
Etag: "c26-5e40c8ed-b2ee53ba4b6b7dee;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3110
Expires: Tue, 18 Feb 2020 15:31:46 GMT

GET
H/1.1 200
OK ssl.php
u60301324l.ha003.t.justns.ru/ploiks/ 16 KB
5 KB 86ms
45ms Stylesheet
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6c5b4a6b21bd4b6cae49bde18902af1596e2575e0b1ef149454442f75c9a68ea

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: LiteSpeed
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ssl.php Show response
u60301324l.ha003.t.justns.ru/ploiks/ 16 KB
5 KB 45ms
45ms Script
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6c5b4a6b21bd4b6cae49bde18902af1596e2575e0b1ef149454442f75c9a68ea

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: LiteSpeed
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found main_repeat.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 662 B
662 B 40ms
39ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/main_repeat.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0b0c930aa1c3904bb49da672313fb29eb134525d98ac6139728e6ae5eb06c9f1

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 477
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found entete_light.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 663 B
663 B 41ms
40ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/entete_light.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dc53b4c91ce627a6fb853d076b8ad717fab79d7cbbdc336f9c53ce9c3b04aba4

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 478
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found main_haut.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 660 B
660 B 40ms
39ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/main_haut.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4f8c52cb7ddfd51d6648952b857b964cdeb792559e89dcdcc268393eed996f52

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 475
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bloc_arrond_bas.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 666 B
666 B 42ms
41ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/bloc_arrond_bas.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8911ff242591d7416547fa8f90bd4e28f2e710299b2cbb07a4ca6670d9fc1097

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 481
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bloc_arrond_haut.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 667 B
667 B 41ms
41ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/bloc_arrond_haut.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 11f8472510072fa768ff52166ad9565030d5cf96b6802653b6ce30c907eefd33

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 482
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bg_form.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 658 B
658 B 41ms
41ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/bg_form.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 410f1d84aaa3e9604e81bc51a6fbdf711cea1422227c11a6a54ea231f5ea24ed

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 473
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found thead.png
u60301324l.ha003.t.justns.ru/ploiks/img/ 656 B
656 B 73ms
39ms Image
text/html 2a00:b700::29
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u60301324l.ha003.t.justns.ru/ploiks/img/thead.png
Requested by: Host: u60301324l.ha003.t.justns.ru
URL: http://u60301324l.ha003.t.justns.ru/ploiks/ssl.php?PaReq=a8f4b2ef1e2374eb0fe37fc0249d1020&MD=782687DB6V279GDH928BUDI2OU
Protocol: HTTP/1.1
Server: 2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9bbcbd143837bf8d39e0107012051c2999d7a4e5c3f492227710a93afe4bbda4

Request headers

Referer: http://u60301324l.ha003.t.justns.ru/ploiks/img/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 15:31:46 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: Keep-Alive
Content-Length: 471
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: g.themoneytizer.net
URL: https://g.themoneytizer.net/g/

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1581435103121

Domain: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1c3e6

Domain: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/config.js?nwid=1097

Domain: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js

Domain: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js

Domain: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38

Domain: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Domain: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=17034e0a79a

Domain: www.noowho.com
URL: https://www.noowho.com/image.php?site=23690713&ref=

Domain: id5-sync.com
URL: https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
ajax.cloudflare.com
d2zur9cc2gf1tx.cloudfront.net
g.themoneytizer.net
gum.criteo.com
id5-sync.com
onetag-sys.com
p.cpx.to
player.pepsia.com
secure.quantserve.com
spl.zeotap.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
u60301324l.ha003.t.justns.ru
u60302324m.ha003.t.justns.ru
u60305324s.ha003.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.noowho.com
d2zur9cc2gf1tx.cloudfront.net
g.themoneytizer.net
id5-sync.com
onetag-sys.com
p.cpx.to
player.pepsia.com
secure.quantserve.com
tag.leadplace.fr
tmzr.pubstack.io
ww1097.smartadserver.com
www.noowho.com
151.139.241.23
2606:4700:10::6814:8338
2606:4700:3038::681f:bb2
2606:4700::6811:4104
2a00:b700::28
2a00:b700::29
2a00:b700::2f
2a02:2638:1::13
74.214.194.131
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01da4e861e3a45faf7f7cbb6de898ec71b2ad3f85488dca42924305b1d4107eb
0b0c930aa1c3904bb49da672313fb29eb134525d98ac6139728e6ae5eb06c9f1
0eb390e9ba9c881aa4a3563149d8a9c343e7ee1ff326821bc5b77eb436efaf71
11f8472510072fa768ff52166ad9565030d5cf96b6802653b6ce30c907eefd33
25af0b7de2b007dab928d6e3548f1c016986c23452c9d612ac495be444a16d87
2a9238404356dd38cde454db089022e19ba6c73641ee7e24a04e9f046e420cdd
410f1d84aaa3e9604e81bc51a6fbdf711cea1422227c11a6a54ea231f5ea24ed
46a55e83380d38b850b158ab5a161ed8381be31a83b4ebdb70673d429a66984c
4f8c52cb7ddfd51d6648952b857b964cdeb792559e89dcdcc268393eed996f52
6c5b4a6b21bd4b6cae49bde18902af1596e2575e0b1ef149454442f75c9a68ea
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
8911ff242591d7416547fa8f90bd4e28f2e710299b2cbb07a4ca6670d9fc1097
9027c88213c91fda6fc48fc01fb902810ab8295ab0ebdf081884b3e0de9ff82c
981fc6bc288f27176dfd0511a1ca0e867bf6f63e6e04c076afbb9fe4fdf180af
9bbcbd143837bf8d39e0107012051c2999d7a4e5c3f492227710a93afe4bbda4
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
cca7a6dc4c01ca7a614b551f2f18e7f0fbba6f382dc0adf297322dac1102e091
cd9634916457bc81c49f64958185b0b9ffdf036068f3c70bca71b5a6e2ba8940
dbfbcbafd2d82f705eb25d811a858ffe6affa7aced9d4c0e0fb826637c8c0e3d
dc53b4c91ce627a6fb853d076b8ad717fab79d7cbbdc336f9c53ce9c3b04aba4
f200b06c8442200a5a36b199ebdfe810115cdb8973df873db4370f6a68239d06

u60301324l.ha003.t.justns.ru Open in urlscan Pro 2a00:b700::29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

16 %HTTPS

78 %IPv6

18 Domains

20 Subdomains

10 IPs

4 Countries

160 kBTransfer

437 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

u60301324l.ha003.t.justns.ru Open in urlscan Pro
2a00:b700::29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

16 %
HTTPS

78 %
IPv6

18
Domains

20
Subdomains

10
IPs

4
Countries

160 kB
Transfer

437 kB
Size

0
Cookies

43 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!