takonova.ru - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 81.177.135.62, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is takonova.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 7th 2019. Valid for: 3 months.

This is the only time takonova.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::681f:4422	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 6	81.177.135.62 81.177.135.62	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	3

1 2606:4700:30::681f:4422 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

motorfahren.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.177.135.62 (Moscow, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

takonova.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	takonova.ru 1 redirects takonova.ru	28 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	motorfahren.com motorfahren.com	506 B
7	3

	Domain	Requested by
6	takonova.ru	1 redirects takonova.ru
1	ajax.googleapis.com	takonova.ru
1	motorfahren.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-12-29` - `2019-12-29`	a year	crt.sh
takonova.ru Let's Encrypt Authority X3	`2019-02-07` - `2019-05-08`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Frame ID: 96C234392DE8343EE85A97A8AA4BAAF5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://motorfahren.com/rdc.html Page URL
https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/ HTTP 302
https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-inf... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

58 kB
Transfer

180 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://motorfahren.com/rdc.html Page URL
https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/ HTTP 302
https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 rdc.html Show response
motorfahren.com/ 119 B
506 B 730ms
692ms Document
text/html 2606:4700:30::681f:4422
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://motorfahren.com/rdc.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:4422 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5f9fd50a12d31af3cbbf77e5a0d268501963d8d1948632edc08866f6937902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: motorfahren.com
:scheme: https
:path: /rdc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sat, 23 Mar 2019 02:54:06 GMT
content-type: text/html
set-cookie: __cfduid=dc520cf2ba3fa635c312e3ba3c21f6f6e1553309645; expires=Sun, 22-Mar-20 02:54:05 GMT; path=/; domain=.motorfahren.com; HttpOnly; Secure
last-modified: Fri, 22 Mar 2019 19:37:40 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4bbd1e63f9d7becb-FRA
content-encoding: br

GET
H2

200

Primary Request signin.php Show response
takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/
Redirect Chain

https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/
https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34...

8 KB
2 KB

815ms
815ms

Document
text/html

81.177.135.62
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.62 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: f5bd553b231b260093cd90f087f24f828c559eb5ca23b74ae8546e7baf063ff9

Request headers

:method: GET
:authority: takonova.ru
:scheme: https
:path: /4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://motorfahren.com/rdc.html
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://motorfahren.com/rdc.html

Response headers

status: 200
date: Sat, 23 Mar 2019 02:54:08 GMT
content-type: text/html; charset=UTF-8
content-length: 2220
server: Jino.ru/mod_pizza
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

status: 302
date: Sat, 23 Mar 2019 02:54:07 GMT
content-type: text/html; charset=UTF-8
content-length: 20
location: signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
server: Jino.ru/mod_pizza
set-cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 Meleven.css
takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/ 13 KB
3 KB 272ms
270ms Stylesheet
text/css 81.177.135.62
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/Meleven.css
Requested by: Host: takonova.ru
URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.62 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 1b8d444053adf3feb93421ff3f65711a59df2d5130f11bdc15711c46783f694d

Request headers

:path: /4lives/customer_center/customer-IDPP00C338/Mfiles/Meleven.css
pragma: no-cache
cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: takonova.ru
referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
:scheme: https
:method: GET
Referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 02:54:08 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 19:35:45 GMT
server: Jino.ru/mod_pizza
etag: "6d87b33-3322-584b3f60f85d1"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 3303

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: takonova.ru
URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 04:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1203158
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30399
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 04:41:30 GMT

GET
H2 200 Mone.js Show response
takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/ 59 KB
14 KB 552ms
551ms Script
application/javascript 81.177.135.62
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/Mone.js
Requested by: Host: takonova.ru
URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.62 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: c9c420d58f29c85d01e4a1a4bc561def6b3c4c2e6d49c697decec0352a206483

Request headers

:path: /4lives/customer_center/customer-IDPP00C338/Mfiles/Mone.js
pragma: no-cache
cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: takonova.ru
referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
:scheme: https
:method: GET
Referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 02:54:08 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 19:35:45 GMT
server: Jino.ru/mod_pizza
etag: "6d8795e-ec0f-584b3f60f6e61"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 14152

GET
H2 200 Mtwo.js Show response
takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/ 10 KB
3 KB 602ms
601ms Script
application/javascript 81.177.135.62
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/Mtwo.js
Requested by: Host: takonova.ru
URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.62 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 6b126f13f6d95d3142d7563eb83138906b429db546067b5ee48490aef034aa57

Request headers

:path: /4lives/customer_center/customer-IDPP00C338/Mfiles/Mtwo.js
pragma: no-cache
cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: takonova.ru
referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
:scheme: https
:method: GET
Referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 02:54:08 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 19:35:45 GMT
server: Jino.ru/mod_pizza
etag: "6d87ac2-2930-584b3f60f81e9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2668

GET
H2 200 Msvg.svg
takonova.ru/4lives/customer_center/customer-IDPP00C338/Mpic/ 5 KB
5 KB 408ms
408ms Image
image/svg+xml 81.177.135.62
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mpic/Msvg.svg
Requested by: Host: takonova.ru
URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.135.62 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

:path: /4lives/customer_center/customer-IDPP00C338/Mpic/Msvg.svg
pragma: no-cache
cookie: PHPSESSID=abd7ff85501691955ac87eedf3f16db8
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: takonova.ru
referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/Meleven.css
:scheme: https
:method: GET
Referer: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/Mfiles/Meleven.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 23 Mar 2019 02:54:08 GMT
last-modified: Fri, 22 Mar 2019 19:35:45 GMT
server: Jino.ru/mod_pizza
etag: "6d6afb2-1351-584b3f60f37b1"
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 4945

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			takonova.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: abd7ff85501691955ac87eedf3f16db8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://takonova.ru/4lives/customer_center/customer-IDPP00C338/signin/signin.php?cmd=_update-information&account_update=60aeb7d4b80c6fa02117535795cd05cc&lim_session=14ccad3fe3936e5111bfb6e627d17a34849562da(Line 136) Message: console.clear

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
motorfahren.com
takonova.ru
2606:4700:30::681f:4422
2a00:1450:4001:806::200a
81.177.135.62
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b8d444053adf3feb93421ff3f65711a59df2d5130f11bdc15711c46783f694d
2e5f9fd50a12d31af3cbbf77e5a0d268501963d8d1948632edc08866f6937902
6b126f13f6d95d3142d7563eb83138906b429db546067b5ee48490aef034aa57
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
c9c420d58f29c85d01e4a1a4bc561def6b3c4c2e6d49c697decec0352a206483
f5bd553b231b260093cd90f087f24f828c559eb5ca23b74ae8546e7baf063ff9

takonova.ru Open in urlscan Pro 81.177.135.62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

58 kBTransfer

180 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

takonova.ru Open in urlscan Pro
81.177.135.62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

58 kB
Transfer

180 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!