Submitted URL: https://www.pyxis.ge/v5/cf9e02119fb09d7707bb1b75dd3dabfc/Up-dating.php?log=InfoPage#Info
Effective URL: https://www.pyxis.ge/v5/cf9e02119fb09d7707bb1b75dd3dabfc/Up-dating.php?log=InfoPage
Submission: On April 15 via automatic , source phishtank

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions.
The main IP is 188.93.90.244, located in Georgia and belongs to WEBCOM, GE. The main domain is www.pyxis.ge.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 22nd 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100) Show Details

  • urlscan - Score: 0
  • phishtank - Score: 10 (URL submitted from phishtank) -
    phishing
  • googlesafebrowsing - Score: 100 (1 resources matched) -
    social_engineering

Domain & IP information

IP Address AS Autonomous System
1 188.93.90.244 57814 (WEBCOM)
1 1
Domain
Subdomains
Transfer
1 pyxis.ge
183 B
1 1
Domain Requested by
1 www.pyxis.ge
1 1

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
pyxis.ge
cPanel, Inc. Certification Authority
2019-03-22 -
2019-06-20
3 months

Screenshot



Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Up-dating.php?log=InfoPage
/v5/cf9e02119fb09d7707bb1b75dd3dabfc
0
183 B
Document
General
Full URL
https://www.pyxis.ge/v5/cf9e02119fb09d7707bb1b75dd3dabfc/Up-dating.php?log=InfoPage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.93.90.244 , Georgia, ASN57814 (WEBCOM, GE),
Reverse DNS
tbs01-cpanel12-ip244.cloud9.ge
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
www.pyxis.ge
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 05:19:50 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

www.pyxis.ge


188.93.90.244

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855