URL: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Submission: On June 03 via automatic, source phishtank

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions.
The main IP is 91.219.29.38, located in Ukraine, and belongs to LUCKYNET Lucky Net Ltd, UA. The main domain is prioritet.odessa.ua.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 10/100)

  • urlscan - Score: 0
  • phishtank - Score: 10 (URL submitted from phishtank) - phishing

Domain & IP information

Requests  IP Address    AS Autonomous System
3         91.219.29.38  3254 (LUCKYNET ...)
Total: 3 requests, 1 IP

Requests  Domain / Subdomains  Transfer
3         prioritet.odessa.ua  3 KB
Total: 3 requests, 1 domain

Requests  Domain               Requested by
3         prioritet.odessa.ua  prioritet.odessa.ua
Total: 3 requests, 1 domain

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


3 HTTP transactions

Fields per transaction: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: manage
Path: /administrator/templates/system/css/confirmation.paypal
Size: 579 B
x-fer: 568 B
Type: Document

General

Full URL: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Protocol: HTTP/1.1
Server: 91.219.29.38, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA)
Reverse DNS: 38.29.219.91.colo.ukrservers.com
Software: nginx
Resource Hash:

Request headers

Host: prioritet.odessa.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate

Response headers

Server: nginx
Date: Mon, 03 Jun 2019 13:12:34 GMT
Content-Type: text/html
Last-Modified: Sun, 15 Jan 2017 18:27:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"587bbf19-243"
Content-Encoding: gzip

Resource: manage (Cookie set)
Path: /administrator/templates/system/css/confirmation.paypal
Size: 1 KB
x-fer: 1 KB
Type: Document

General

Full URL: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Requested by:
  Host: prioritet.odessa.ua
  URL: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Protocol: HTTP/1.1
Server: 91.219.29.38, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA)
Reverse DNS: 38.29.219.91.colo.ukrservers.com
Software: nginx / PHP/5.2.17
Resource Hash: 7e22921d6da964161efd526eb4f20885636692270c9ea8cad4bd35b7d5c91fae

Request headers

Host: prioritet.odessa.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Accept-Encoding: gzip, deflate
Cookie: UHPCT=UHPCT

Response headers

Server: nginx
Date: Mon, 03 Jun 2019 13:12:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 675
Connection: keep-alive
X-Powered-By: PHP/5.2.17
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: a33aeea72c1f44f1596abb9edf9cb998=d543638c320f0d616f00a3ba67bf5f46; path=/
Upgrade: h2,h2c
Last-Modified: Mon, 03 Jun 2019 13:12:34 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Resource: error.css
Path: /templates/system/css
Size: 2 KB
x-fer: 1 KB
Type: Stylesheet

General

Full URL: http://prioritet.odessa.ua/templates/system/css/error.css
Requested by:
  Host: prioritet.odessa.ua
  URL: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
Protocol: HTTP/1.1
Server: 91.219.29.38, Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA)
Reverse DNS: 38.29.219.91.colo.ukrservers.com
Software: nginx
Resource Hash: 4a48a04e8233334556b91e739360c24ed297ecca20dbcafcb52a228f6bf2f0cb

Request headers

Referer: http://prioritet.odessa.ua/administrator/templates/system/css/confirmation.paypal/manage
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 13:12:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Feb 2014 19:35:18 GMT
Server: nginx
ETag: W/"52f29276-686"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

2 Cookies

Domain/Path           Name / Value
prioritet.odessa.ua/  Name: a33aeea72c1f44f1596abb9edf9cb998
                      Value: d543638c320f0d616f00a3ba67bf5f46
prioritet.odessa.ua/  Name: UHPCT
                      Value: UHPCT

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

  • prioritet.odessa.ua
  • 91.219.29.38
  • 4a48a04e8233334556b91e739360c24ed297ecca20dbcafcb52a228f6bf2f0cb
  • 7e22921d6da964161efd526eb4f20885636692270c9ea8cad4bd35b7d5c91fae