cg12666.tmweb.ru Open in urlscan Pro
2a03:6f00:6:1::517:33ec  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cg12666.tmweb.ru/	8 KB 3 KB	606ms 452ms	Document text/html	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 7aba585f6430712b7002d4d72d4978afbf61b4dfe05d3809c50d650b0f5824c3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 02 Aug 2022 22:17:57 GMT server nginx/1.20.2 vary Accept-Encoding
GET H2	200	dciweb.css cg12666.tmweb.ru/	6 KB 2 KB	52ms 51ms	Stylesheet text/css	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://cg12666.tmweb.ru/dciweb.css Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 834693561cbd38fb0da6844ed0d2698681fa7c872fa782d4416d93d0239426a7 Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT content-encoding gzip last-modified Tue, 02 Aug 2022 14:43:25 GMT server nginx/1.20.2 etag W/"62e9380d-19b9" vary Accept-Encoding content-type text/css cache-control max-age=2678400 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	bnp.css cg12666.tmweb.ru/	15 KB 4 KB	53ms 52ms	Stylesheet text/css	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://cg12666.tmweb.ru/bnp.css Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 02f2a6cfcc89743718629d5f7ad905e51e1bb906061d21fb0398e9470644b948 Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT content-encoding gzip last-modified Tue, 02 Aug 2022 14:43:48 GMT server nginx/1.20.2 etag W/"62e93824-3b28" vary Accept-Encoding content-type text/css cache-control max-age=2678400 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	tools.js Show response cg12666.tmweb.ru/	40 KB 11 KB	103ms 102ms	Script application/x-javascript	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://cg12666.tmweb.ru/tools.js Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 74d676a2f1f1606de3dbe7489da17c0b335cd22b41ae4b8625f80b0b4afd21cb Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT content-encoding gzip last-modified Tue, 02 Aug 2022 14:43:45 GMT server nginx/1.20.2 etag W/"62e93821-9f86" vary Accept-Encoding content-type application/x-javascript cache-control max-age=2678400 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	headerBack.jpg cg12666.tmweb.ru/	10 KB 10 KB	90ms 89ms	Image image/jpeg	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/headerBack.jpg Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash f7ac02953144040664d7bbcbe0ef5af6ad2966a546de3846931557852538d5be Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:31 GMT server nginx/1.20.2 etag "62e93813-285d" content-type image/jpeg cache-control max-age=2678400 accept-ranges bytes content-length 10333 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	etape1.png cg12666.tmweb.ru/	476 B 654 B	91ms 89ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/etape1.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 8a56cd2b0b8b3fb49bbd0502d7ad0ad6d01e955a0e270b68ccc83bf03dd9d25b Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:28 GMT server nginx/1.20.2 etag "62e93810-1dc" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 476 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	etape2.png cg12666.tmweb.ru/	567 B 745 B	91ms 90ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/etape2.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 4ede7bb44d8cdb4447d0e9589c5ce0980725605bbb6193f96be49d72fd7b4827 Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:28 GMT server nginx/1.20.2 etag "62e93810-237" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 567 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	dciweb96e2.png cg12666.tmweb.ru/	2 KB 2 KB	91ms 90ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/dciweb96e2.png?p0=vkimage.tht&t=p&vkid=vkident-8364hk1sgj Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 376f54d160aa8cc5ded3a0e02a22429a5914060f0b67b877ec07d216d591c80a Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:25 GMT server nginx/1.20.2 etag "62e9380d-892" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 2194 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	flecheCorriger.png cg12666.tmweb.ru/	538 B 716 B	91ms 90ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/flecheCorriger.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 99c5135aa6eed33bf4ad8aa53556a5b3a508e9a0fab486cc25806090831c57cd Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:29 GMT server nginx/1.20.2 etag "62e93811-21a" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 538 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	btn_valider.png cg12666.tmweb.ru/	1 KB 1 KB	91ms 91ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/btn_valider.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 955510e34da1928b4ab68f72385e6281ffdf2e5c4326c70cb73f914579bb9c43 Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:23 GMT server nginx/1.20.2 etag "62e9380b-446" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 1094 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	btn_annuler.png cg12666.tmweb.ru/	1 KB 1 KB	92ms 91ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/btn_annuler.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash 0635d965c9c0bc6b7958c2f4a30fecf1e70f67c68cb8caf520dfa8b910d6b4f0 Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:43:48 GMT server nginx/1.20.2 etag "62e93824-442" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 1090 expires Fri, 02 Sep 2022 22:17:57 GMT
GET H2	200	covid19-information.png cg12666.tmweb.ru/images/	831 KB 832 KB	138ms 138ms	Image image/png	2a03:6f00:6:1::517:33ec TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cg12666.tmweb.ru/images/covid19-information.png Requested by Host: cg12666.tmweb.ru URL: https://cg12666.tmweb.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:6:1::517:33ec , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash f266f7e14644c34b42531dc2022dc3bc0b92c09d9c6613d5ff92a0edbe45d40b Request headers accept-language de-DE,de;q=0.9 Referer https://cg12666.tmweb.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 22:17:57 GMT last-modified Tue, 02 Aug 2022 14:44:07 GMT server nginx/1.20.2 etag "62e93837-cfa57" content-type image/png cache-control max-age=2678400 accept-ranges bytes content-length 850519 expires Fri, 02 Sep 2022 22:17:57 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| msgErreur function| setselect function| getselect function| setradio function| getradio function| CheckForbiddenCharMessage function| CheckForbiddenChar function| CheckForbiddenCharOld function| ZeroDevant function| CheckRIBAlert function| CheckRIB function| CheckAFB function| CheckAFBAlert function| ReadAmount function| CheckAmount function| CheckAmountAlert function| CheckAmountAlertForHtml5 function| CheckNumber function| CheckAmountCouple function| Today function| ReadDate function| CheckDate function| checkDateMobile function| CheckDateAlert function| CheckDateCouple function| CheckIBAN function| KeyIBAN function| TranslateAlpha2Num function| CheckInt function| CheckIntAlert function| lvtrim function| rvtrim function| vtrim function| ltrim function| rtrim function| trim function| CheckStr function| CheckStrAlert function| TextFormat function| TextTranslate function| pad_right function| CheckTime function| CheckTimeAlert function| CheckEmail number| posX function| getMousePos function| getScrollX function| getScrollY function| AffBulle function| HideBulle function| random function| gen_clavier function| makepwd function| clearpwd function| valdec_form function| check_nbdec function| FormatMonnaie function| ChargerCookie function| FormatChecked function| createXmlHttpRequest function| supZero function| logout function| openPopup function| CheckEndDateAFB160 function| setBorder function| showHideError function| documentWrite function| closeReveal function| isInputTypeSupported function| isAttributeSupported function| isHtml5 function| transcoCodeForCreateBeneficiary function| CheckAFBMobile number| posY object| theBody function| clearParams function| control function| submitform function| key function| pwd_writeM number| CellX number| CellY number| col number| lig object| tabcar number| posX1 number| posY1

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cg12666.tmweb.ru
2a03:6f00:6:1::517:33ec
02f2a6cfcc89743718629d5f7ad905e51e1bb906061d21fb0398e9470644b948
0635d965c9c0bc6b7958c2f4a30fecf1e70f67c68cb8caf520dfa8b910d6b4f0
376f54d160aa8cc5ded3a0e02a22429a5914060f0b67b877ec07d216d591c80a
4ede7bb44d8cdb4447d0e9589c5ce0980725605bbb6193f96be49d72fd7b4827
74d676a2f1f1606de3dbe7489da17c0b335cd22b41ae4b8625f80b0b4afd21cb
7aba585f6430712b7002d4d72d4978afbf61b4dfe05d3809c50d650b0f5824c3
834693561cbd38fb0da6844ed0d2698681fa7c872fa782d4416d93d0239426a7
8a56cd2b0b8b3fb49bbd0502d7ad0ad6d01e955a0e270b68ccc83bf03dd9d25b
955510e34da1928b4ab68f72385e6281ffdf2e5c4326c70cb73f914579bb9c43
99c5135aa6eed33bf4ad8aa53556a5b3a508e9a0fab486cc25806090831c57cd
f266f7e14644c34b42531dc2022dc3bc0b92c09d9c6613d5ff92a0edbe45d40b
f7ac02953144040664d7bbcbe0ef5af6ad2966a546de3846931557852538d5be