old.server.online-windows.ru Open in urlscan Pro
195.161.41.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://old.server.online-windows.ru/
Submission Tags: @phishunt_io
Submission: On December 10 via api (December 10th 2020, 1:12:42 pm UTC) from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 195.161.41.68, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is old.server.online-windows.ru.
TLS certificate: Issued by R3 on December 10th 2020. Valid for: 3 months.

This is the only time old.server.online-windows.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	195.161.41.68 195.161.41.68		8342 (RTCOMM-AS) (RTCOMM-AS)
11	2

9 195.161.41.68 (Moscow, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

old.server.online-windows.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
online-windows.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	online-windows.ru 1 redirects old.server.online-windows.ru online-windows.ru	31 KB
0	googleapis.com Failed fonts.googleapis.com Failed
11	2

	Domain	Requested by
6	old.server.online-windows.ru	old.server.online-windows.ru
3	online-windows.ru	1 redirects old.server.online-windows.ru
0	fonts.googleapis.com Failed	old.server.online-windows.ru
11	3

This site contains no links.

Subject Issuer	Validity	Valid
old.server.online-windows.ru R3	`2020-12-10` - `2021-03-10`	3 months	crt.sh
online-windows.ru Let's Encrypt Authority X3	`2020-11-01` - `2021-01-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://old.server.online-windows.ru/
Frame ID: B18E845ED2A4EAD26D16C53871FBB472
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

11
Requests

73 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

30 kB
Transfer

41 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://online-windows.ru/js/jquery/plagins/jquery-latest/jquery-latest.js HTTP 302
https://online-windows.ru/index.php/login

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response old.server.online-windows.ru/	2 KB 945 B	396ms 67ms	Document text/html	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `d05e46d6e5401fb5ae5cfe7165c4742f975d482b3942209f5329f8de7b72e7a1` Request headers :method GET :authority old.server.online-windows.ru :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:25 GMT content-type text/html; charset=windows-1251 content-length 688 server Jino.ru/mod_pizza access-control-allow-origin * access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS access-control-allow-headers X-Requested-With, content-type vary Accept-Encoding content-encoding gzip
GET H2	200	reset.css old.server.online-windows.ru/main/css/	1 KB 951 B	67ms 65ms	Stylesheet text/css	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://old.server.online-windows.ru/main/css/reset.css Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `866278db0a3c7dd3d55f2bd61d8d4cf015541c18faa3ce6856108d7f3cab962f` Request headers Referer https://old.server.online-windows.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:25 GMT content-encoding gzip last-modified Tue, 08 Nov 2016 23:51:05 GMT server Jino.ru/mod_pizza etag "6280dad-5fb-540d2d0444c40" vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes content-length 730
GET H2	200	style.css old.server.online-windows.ru/main/css/	4 KB 2 KB	67ms 66ms	Stylesheet text/css	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://old.server.online-windows.ru/main/css/style.css Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `9f99a6136616ab90735964fefb1810b65744dfadbf9349954e10834c7efb8d19` Request headers Referer https://old.server.online-windows.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:25 GMT content-encoding gzip last-modified Mon, 27 Mar 2017 15:52:38 GMT server Jino.ru/mod_pizza etag "6280dae-105f-54bb855235d80" vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes content-length 1459
GET H2	200	css3_3d.css old.server.online-windows.ru/main/css/	8 KB 2 KB	67ms 66ms	Stylesheet text/css	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://old.server.online-windows.ru/main/css/css3_3d.css Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `0d3518ef8af9676601a29e7426d32934430bb0251021c8e57c790e2b25b0d634` Request headers Referer https://old.server.online-windows.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:25 GMT content-encoding gzip last-modified Mon, 16 Apr 2018 11:10:19 GMT server Jino.ru/mod_pizza etag "6280dac-1fe8-569f544661cc0" vary Accept-Encoding content-type text/css access-control-allow-origin * accept-ranges bytes content-length 2162
GET H2	404	1.4.4.min.js online-windows.ru/js/jquery/	0 0	569ms 396ms	Script text/html	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://online-windows.ru/js/jquery/1.4.4.min.js Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software / Resource Hash Request headers Referer https://old.server.online-windows.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	login Show response online-windows.ru/index.php/ Redirect Chain https://online-windows.ru/js/jquery/plagins/jquery-latest/jquery-latest.js https://online-windows.ru/index.php/login	0 0	416ms 415ms	Script text/html	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://online-windows.ru/index.php/login Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers date Thu, 10 Dec 2020 13:12:26 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 20 x-xss-protection 1; mode=block pragma no-cache referrer-policy no-referrer server Jino.ru/mod_pizza x-frame-options SAMEORIGIN x-download-options noopen vary Accept-Encoding content-type text/html; charset=UTF-8 location https://online-windows.ru/index.php/login cache-control no-store, no-cache, must-revalidate content-security-policy default-src 'self'; script-src 'self' 'nonce-MlZnWGN0STRLVXNVSGF2TVNoN0RaakZmWVdtSEV1NHhUZkM1Y25Tbytwbz06aWpaYUdaZ0lmVGhqUzg2bklXK1JCM0FtQ2kzbFI0dDhJc2J2QXlibXZjOD0='; style-src 'self' 'unsafe-inline'; frame-src ; img-src data: blob:; font-src 'self' data:; media-src ; connect-src ; object-src 'none'; base-uri 'self'; x-robots-tag none expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	top-menu.js Show response old.server.online-windows.ru/main/js/	2 KB 652 B	67ms 66ms	Script application/javascript	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL https://old.server.online-windows.ru/main/js/top-menu.js Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `fa5d5bec6769c84afbfc429c0618f2d046804517f2c121c2f2cddf9035a24079` Request headers Referer https://old.server.online-windows.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:25 GMT content-encoding gzip last-modified Thu, 10 Nov 2016 19:32:44 GMT server Jino.ru/mod_pizza etag "6280dd2-6ad-540f770048f00" vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes content-length 421
GET		css fonts.googleapis.com/	0 0

GET		api.php online-windows.ru/fonts/	0 0

GET		api.php online-windows.ru/fonts/	0 0

GET H2	200	api.png old.server.online-windows.ru/	24 KB 24 KB	118ms 117ms	Image image/png	195.161.41.68 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://old.server.online-windows.ru/api.png Requested by Host: old.server.online-windows.ru URL: https://old.server.online-windows.ru/main/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.161.41.68 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS Software Jino.ru/mod_pizza / Resource Hash `48c135ddefe90a1f80cbdae54a2d28d1e8278069e5b51e766e4884ba7cae80c9` Request headers Referer https://old.server.online-windows.ru/main/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:12:26 GMT last-modified Wed, 09 Nov 2016 10:05:09 GMT server Jino.ru/mod_pizza etag "5de4d35-5efb-540db64571f40" content-type image/png access-control-allow-origin * accept-ranges bytes content-length 24315

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,700&subset=latin,cyrillic

Domain: online-windows.ru
URL: http://online-windows.ru/fonts/api.php?family=capture-it

Domain: online-windows.ru
URL: http://online-windows.ru/fonts/api.php?family=garwin&effect=retro

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
old.server.online-windows.ru
online-windows.ru
fonts.googleapis.com
online-windows.ru
195.161.41.68
0d3518ef8af9676601a29e7426d32934430bb0251021c8e57c790e2b25b0d634
48c135ddefe90a1f80cbdae54a2d28d1e8278069e5b51e766e4884ba7cae80c9
866278db0a3c7dd3d55f2bd61d8d4cf015541c18faa3ce6856108d7f3cab962f
9f99a6136616ab90735964fefb1810b65744dfadbf9349954e10834c7efb8d19
d05e46d6e5401fb5ae5cfe7165c4742f975d482b3942209f5329f8de7b72e7a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5d5bec6769c84afbfc429c0618f2d046804517f2c121c2f2cddf9035a24079

old.server.online-windows.ru Open in urlscan Pro 195.161.41.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

11 Requests

73 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

30 kBTransfer

41 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

old.server.online-windows.ru Open in urlscan Pro
195.161.41.68 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

30 kB
Transfer

41 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions