www.verify-ukr-net.fun
Open in
urlscan Pro
178.208.83.11
Malicious Activity!
Public Scan
Submission: On February 04 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 3rd 2020. Valid for: 3 months.
This is the only time www.verify-ukr-net.fun was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Ukr.net (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 178.208.83.11 178.208.83.11 | 48282 (VDSINA-AS) (VDSINA-AS) | |
1 | 212.42.75.249 212.42.75.249 | 8856 (UKRNET Kiev) (UKRNET Kiev) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
21 | 4 |
ASN48282 (VDSINA-AS, RU)
PTR: s7.h.mchost.ru
www.verify-ukr-net.fun |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
verify-ukr-net.fun
www.verify-ukr-net.fun |
426 KB |
1 |
gstatic.com
www.gstatic.com |
|
1 |
ukr.net
mail.ukr.net |
10 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
15 | www.verify-ukr-net.fun |
www.verify-ukr-net.fun
|
1 | www.gstatic.com |
www.verify-ukr-net.fun
|
1 | mail.ukr.net |
www.verify-ukr-net.fun
|
21 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
accounts.ukr.net |
oauth.ukr.net |
www.ukr.net |
mail.ukr.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
verify-ukr-net.fun Let's Encrypt Authority X3 |
2020-02-03 - 2020-05-03 |
3 months | crt.sh |
mail.ukr.net Thawte EV RSA CA 2018 |
2018-02-14 - 2020-04-14 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2020-01-14 - 2020-04-07 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.verify-ukr-net.fun/
Frame ID: 8B25474AF91BC6C958992981333D71CE
Requests: 15 HTTP requests in this frame
Frame:
https://www.verify-ukr-net.fun/index_files/anchor.html
Frame ID: C7C387CE1C1261B9B2993D80C2F0234B
Requests: 4 HTTP requests in this frame
Frame:
https://www.verify-ukr-net.fun/index_files/bframe.html
Frame ID: 81AE07B9015FE3DE53DA6D591E542D51
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Не удается войти?
Search URL Search Domain Scan URL
Title: Создать ящик
Search URL Search Domain Scan URL
Title: Соглашение о конфиденциальности
Search URL Search Domain Scan URL
Title: Соглашение об использовании электронной почты FREEMAIL (mail.ukr.net)
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.verify-ukr-net.fun/ |
229 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.verify-ukr-net.fun/index_files/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
www.verify-ukr-net.fun/index_files/ |
85 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__ru.js
www.verify-ukr-net.fun/index_files/ |
284 KB 75 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.verify-ukr-net.fun/index_files/ |
698 B 603 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
www.verify-ukr-net.fun/index_files/ |
299 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor.html
www.verify-ukr-net.fun/index_files/ Frame C7C3 |
25 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.svg
mail.ukr.net/public/login/img/ |
65 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__ru.js
www.gstatic.com/recaptcha/api2/r20171109115411/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
styles__ltr.css
www.verify-ukr-net.fun/index_files/ Frame C7C3 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
www.verify-ukr-net.fun/index_files/ Frame C7C3 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
NVucc4vM7XBvUqH-LbNf6oQtXXc2mKk5RCldYrhMzLk.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
www.verify-ukr-net.fun/index_files/ Frame C7C3 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
support.svg
www.verify-ukr-net.fun/public/login/img/illustrations/ |
1 KB 927 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
speedy.svg
www.verify-ukr-net.fun/public/login/img/illustrations/ |
1 KB 927 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popular.svg
www.verify-ukr-net.fun/public/login/img/illustrations/ |
1 KB 927 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unlimited.svg
www.verify-ukr-net.fun/public/login/img/illustrations/ |
1 KB 927 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
design.svg
www.verify-ukr-net.fun/public/login/img/illustrations/ |
1 KB 927 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe.html
www.verify-ukr-net.fun/index_files/ Frame 81AE |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1001 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
lato-bold.ttf
mail.ukr.net/public/login/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
www.verify-ukr-net.fun/index_files/ Frame 81AE |
137 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__ru.js
www.verify-ukr-net.fun/index_files/ Frame 81AE |
284 KB 75 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.verify-ukr-net.fun
- URL
- https://www.verify-ukr-net.fun/index_files/styles__ltr.css
- Domain
- www.verify-ukr-net.fun
- URL
- https://www.verify-ukr-net.fun/index_files/recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
- Domain
- www.verify-ukr-net.fun
- URL
- https://www.verify-ukr-net.fun/index_files/NVucc4vM7XBvUqH-LbNf6oQtXXc2mKk5RCldYrhMzLk.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
- Domain
- mail.ukr.net
- URL
- https://mail.ukr.net/public/login/fonts/lato-bold.ttf?h=7133c927
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Ukr.net (Online)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ___grecaptcha_cfg boolean| __google_recaptcha_client object| recaptcha object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| __resetReCaptchaError string| let0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mail.ukr.net
www.gstatic.com
www.verify-ukr-net.fun
mail.ukr.net
www.verify-ukr-net.fun
178.208.83.11
212.42.75.249
2a00:1450:4001:809::2003
046770ee2784c10024b6b8d2577b8000338d6b8706460c1aec0c2a06eb9e377e
079cdfdf24677fed0923fba0690cc924fce3854ca01d2e34025e424219fc6112
0e0c0a359dd11aeff9abb5a9edc626e78f30a8bf253995de46fabff465f08a38
3ef22fc2e02ae8b60942939190e353d7554f1fc65817288d70db15e4066e39eb
5ee65076642036a4aa3d5f684e39bf7be7feb2b3362be162366145aa283ed67c
747e64c4aaf427b42ac67fed5db0c818ebe69ba427f0a663d303d76cc233fc8a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9d3dbe8453a6471a9db3bc1138e99554ca8de2a9e6b4bc336b7d81faac0c1314
cb0a041cf2f6fc642639408dea9ff245c0c373133e86059248ecfa3aae517a73
ce3c9710bc7eac5fb9612a0ae4943e29cfbd709c1672867c3034257e4d15c200
d66e688a4bf26995a600527ca261cef201f2ec4655a9ce6dccdac615bf4cf587
de70432bd088c74f2269dc74f4c68f94b44bb6a81f04973058af53c6fa606579