uasetlog.com Open in urlscan Pro
82.221.141.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uasetlog.com/login/
Submission: On April 25 via api (April 25th 2024, 7:22:28 pm UTC) from HU — Scanned from IS

Summary HTTP 7 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 82.221.141.119, located in Reykjavik, Iceland and belongs to THORDC-AS, IS. The main domain is uasetlog.com.

This is the only time uasetlog.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ukr.net (Online)

Domain & IP information

	IP Address		AS Autonomous System
7	82.221.141.119 82.221.141.119		50613 (THORDC-AS) (THORDC-AS)
7	2

7 82.221.141.119 (Reykjavik, Iceland)

ASN50613 (THORDC-AS, IS)

uasetlog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	uasetlog.com uasetlog.com	59 KB
7	1

	Domain	Requested by
7	uasetlog.com	uasetlog.com
7	1

This site contains links to these domains. Also see Links.

Domain
accounts.ukr.net
www.ukr.net
mail.ukr.net

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://uasetlog.com/login/
Frame ID: A36ADC4BEC9FA2D2B3E7A40212D871F7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Пошта @ ukr.net - українська електронна пошта • Створи емейл

Page URL History Show full URLs

http://uasetlog.com/login/ HTTP 307
https://uasetlog.com/login/ HTTP 307
http://uasetlog.com/login/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

59 kB
Transfer

191 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.ukr.net/recovery
Title: Не вдається увійти?

Search URL Search Domain Scan URL

URL: https://accounts.ukr.net/registration
Title: Створити скриньку

Search URL Search Domain Scan URL

URL: https://www.ukr.net/terms/
Title: Угода про конфіденційність

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/terms_uk.html
Title: Угода про використання електронної пошти FREEMAIL (mail.ukr.net)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uasetlog.com/login/ HTTP 307
https://uasetlog.com/login/ HTTP 307
http://uasetlog.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response uasetlog.com/login/ Redirect Chain http://uasetlog.com/login/ https://uasetlog.com/login/ http://uasetlog.com/login/	35 KB 9 KB	58ms 58ms	Document text/html	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `a6bb96513514965302b2f65d26475e2de37dae337f53d48be0eefe40d92040bd` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 9357 Content-Type text/html Date Thu, 25 Apr 2024 19:22:24 GMT ETag "8c60-616be45be0134-gzip" Keep-Alive timeout=5, max=100 Last-Modified Tue, 23 Apr 2024 07:12:09 GMT Server Apache/2.4.41 (Ubuntu) Vary Accept-Encoding Redirect headers Location http://uasetlog.com/login/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	bundle.css uasetlog.com/login/css/	47 KB 14 KB	58ms 58ms	Stylesheet text/css	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/css/bundle.css Requested by Host: uasetlog.com URL: http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `7639ee691f661b6ff3cbe800c6e1a05c245a4b7eea563d4d6ee619ced2376da3` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2024 07:12:39 GMT Server Apache/2.4.41 (Ubuntu) ETag "bb01-616be477c40e4-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 14334
GET H/1.1	200 OK	authform.css uasetlog.com/login/css/	7 KB 2 KB	112ms 56ms	Stylesheet text/css	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/css/authform.css Requested by Host: uasetlog.com URL: http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `d69908345e58f84dfe716ca8f99393725f7c6fd3af19f792037db7fadeb5731d` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2024 07:12:36 GMT Server Apache/2.4.41 (Ubuntu) ETag "1a6e-616be4753b953-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1805
GET H/1.1	200 OK	jquery.min.js Show response uasetlog.com/login/js/	88 KB 31 KB	116ms 61ms	Script application/javascript	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/js/jquery.min.js Requested by Host: uasetlog.com URL: http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2024 07:12:23 GMT Server Apache/2.4.41 (Ubuntu) ETag "15ec3-616be468c1165-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 31043
GET H/1.1	200 OK	authform.js Show response uasetlog.com/login/js/	1 KB 783 B	112ms 57ms	Script application/javascript	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/js/authform.js Requested by Host: uasetlog.com URL: http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `88a6f26f78e48eb74b0dff4a97b9c0d6af3a0d0b2689f229287470f0a756dabe` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2024 07:12:25 GMT Server Apache/2.4.41 (Ubuntu) ETag "405-616be46ad16ea-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 433
GET H/1.1	200 OK	changer.js Show response uasetlog.com/login/js/	222 B 496 B	112ms 57ms	Script application/javascript	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/js/changer.js Requested by Host: uasetlog.com URL: http://uasetlog.com/login/ Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `f2c0d42f53100144deb9c38548a220ecdb493c4ff509f6af5a6a5678dfff7a29` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2024 07:12:25 GMT Server Apache/2.4.41 (Ubuntu) ETag "de-616be46a6bdd6-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 147
GET DATA	200 OK	truncated /	1001 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `de70432bd088c74f2269dc74f4c68f94b44bb6a81f04973058af53c6fa606579` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	9 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `84f617eae2364b8f947c5b9576bf988d1005f0275ca12d535e59b362feb2d4ae` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	459 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `783577c6bde48db98827b77d356a612f98305b8735df026a6073fabec963dc8a` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	396 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `479fc333997d4c170e56429d65bf1a9bc2940a3c47cdd35dda1f0a377656764b` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	799 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `52b540c6b9b2c841d893f2f54356b12caee46702a21b5d78aa24328510d54c48` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	582 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3f0560a2a244ba1e75be36071d6342c8a01357fe09031c94e43015d2a6f6e309` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml;charset=utf-8
GET H/1.1	200 OK	favicon.png uasetlog.com/login/pics/	707 B 991 B	56ms 56ms	Other image/png	82.221.141.119 THORDC-AS
General Check archive.org Show headers Download Go to Full URL http://uasetlog.com/login/pics/favicon.png Protocol HTTP/1.1 Server 82.221.141.119 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `d101f793e385db7b588e0dd59905a1cf160306ed2696714379356d7821f28cf3` Request headers Accept-Language is-IS,is;q=0.9;q=0.9 Referer http://uasetlog.com/login/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 25 Apr 2024 19:22:24 GMT Last-Modified Tue, 23 Apr 2024 07:12:16 GMT Server Apache/2.4.41 (Ubuntu) ETag "2c3-616be46246cfc" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 707

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ukr.net (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://uasetlog.com/login/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

uasetlog.com
82.221.141.119
3f0560a2a244ba1e75be36071d6342c8a01357fe09031c94e43015d2a6f6e309
479fc333997d4c170e56429d65bf1a9bc2940a3c47cdd35dda1f0a377656764b
52b540c6b9b2c841d893f2f54356b12caee46702a21b5d78aa24328510d54c48
7639ee691f661b6ff3cbe800c6e1a05c245a4b7eea563d4d6ee619ced2376da3
783577c6bde48db98827b77d356a612f98305b8735df026a6073fabec963dc8a
84f617eae2364b8f947c5b9576bf988d1005f0275ca12d535e59b362feb2d4ae
88a6f26f78e48eb74b0dff4a97b9c0d6af3a0d0b2689f229287470f0a756dabe
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a6bb96513514965302b2f65d26475e2de37dae337f53d48be0eefe40d92040bd
d101f793e385db7b588e0dd59905a1cf160306ed2696714379356d7821f28cf3
d69908345e58f84dfe716ca8f99393725f7c6fd3af19f792037db7fadeb5731d
de70432bd088c74f2269dc74f4c68f94b44bb6a81f04973058af53c6fa606579
f2c0d42f53100144deb9c38548a220ecdb493c4ff509f6af5a6a5678dfff7a29

uasetlog.com Open in urlscan Pro 82.221.141.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

59 kBTransfer

191 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

uasetlog.com Open in urlscan Pro
82.221.141.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

59 kB
Transfer

191 kB
Size

0
Cookies

7 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!