odigosxanthis.gr - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 136.243.159.62, located in Germany and belongs to HETZNER-AS, DE. The main domain is odigosxanthis.gr.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 14th 2017. Valid for: 3 months.

This is the only time odigosxanthis.gr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	136.243.159.62 136.243.159.62	24940 (HETZNER-AS) (HETZNER-AS)
5	52.222.175.208 52.222.175.208	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	92.123.94.15 92.123.94.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	3

1 136.243.159.62 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server1.netcreation.gr

odigosxanthis.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.175.208 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-175-208.fra54.r.cloudfront.net

static.adobelogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.94.15 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-15.deploy.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	adobelogin.com static.adobelogin.com	35 KB
1	typekit.net use.typekit.net	7 KB
1	odigosxanthis.gr odigosxanthis.gr	10 KB
7	3

	Domain	Requested by
5	static.adobelogin.com	odigosxanthis.gr
1	use.typekit.net	odigosxanthis.gr
1	odigosxanthis.gr
7	3

This site contains no links.

Subject Issuer	Validity	Valid
odigosxanthis.gr cPanel, Inc. Certification Authority	`2017-09-14` - `2017-12-13`	3 months	crt.sh
*.adobelogin.com DigiCert SHA2 Secure Server CA	`2015-10-06` - `2018-10-10`	3 years	crt.sh
typekit.net Symantec Class 3 Secure Server CA - G4	`2017-03-20` - `2018-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Frame ID: 13240.1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

52 kB
Transfer

131 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request started.html Show response
odigosxanthis.gr/templates/beez_20/html/cgibin/ 10 KB
10 KB 105ms
84ms Document
text/html 136.243.159.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.159.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server1.netcreation.gr
Software: Apache /
Resource Hash: 23dc5c0264148bb4b4f2582c8dc13a7bda4d9f8f4e22d63e0e94043b5ed2fc6a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: odigosxanthis.gr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Fri, 24 Nov 2017 20:35:00 GMT
Last-Modified: Wed, 22 Nov 2017 01:23:50 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 10677
Content-Type: text/html

GET
H/1.1 200
OK head.css
static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/css/ 37 KB
8 KB 2299ms
10ms Stylesheet
text/css 52.222.175.208
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/css/head.css
Requested by: Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.175.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-175-208.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 768431b4c29ae68dd64018cb15caa62ca10e81ec6a762078d503469a8e8cb30a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.adobelogin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 08:15:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2017 12:10:33 GMT
Server: AmazonS3
Age: 476333
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: 4ozDAD2eG_TGd7425QrF11BUzSLlAHzM
Via: 1.1 93c5c2940efa6748481c787e7c245f82.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Type: text/css
X-Amz-Cf-Id: 1GLMhmtiZpiatNJy8lJFeizMvVOkKZNutC2XcU_4K07Gs1nNmSelTQ==

GET
H/1.1 200
OK spectrum_head.js Show response
static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/script/ 53 KB
19 KB 2302ms
12ms Script
application/x-javascript 52.222.175.208
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/script/spectrum_head.js
Requested by: Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.175.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-175-208.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98db4a4fa3b2549ad28cf08c47400b262cebedb04363ffe2bf81f6323c79d25c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.adobelogin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 14:43:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2017 12:10:35 GMT
Server: AmazonS3
Age: 452995
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: 6Uj0x18E.yr1eglBQPvTYnLqDjo0i2i0
Via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: gwkxv71IB68NLAgSrunFXCiVkYfS7QjjIHriPRVEWE2-uuYXxJK-2Q==

GET
H/1.1 200
OK 045110ca15262c13aa37af60dbb4b51a.png
static.adobelogin.com/clients/adobe_document_cloud/ 4 KB
4 KB 8ms
8ms Image
image/png 52.222.175.208
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adobelogin.com/clients/adobe_document_cloud/045110ca15262c13aa37af60dbb4b51a.png
Requested by: Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.175.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-175-208.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d21d3e842557ae561c62bc19a0145c9b480028fedbc9e4fe941cebafb916131

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.adobelogin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Thu, 22 Sep 2016 17:59:51 GMT
Via: 1.1 93c5c2940efa6748481c787e7c245f82.cloudfront.net (CloudFront)
Last-Modified: Fri, 13 Mar 2015 23:25:18 GMT
Server: AmazonS3
Age: 2659
ETag: "1454dcbe98fb5de47f4a165d4ef14306"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3776
X-Amz-Cf-Id: YNgggNyMepVr1S3RshuLegXTS0SXdAnCIdD6kK2nPIxbes5r3CkPCg==

GET
H/1.1 200
OK spectrum_capsindicator.js Show response
static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/script/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 52.222.175.208
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/script/spectrum_capsindicator.js
Requested by: Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.175.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-175-208.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38576ca6dd9cb727b19d59dc728dd4cc18b646cc6732ed07ea6fcc51d9a30aca

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.adobelogin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 14:43:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2017 12:10:36 GMT
Server: AmazonS3
Age: 452995
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: 0t_70Puu0UiGAPBhHaTqHzdi7lVefEn3
Via: 1.1 93c5c2940efa6748481c787e7c245f82.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Type: application/x-javascript
X-Amz-Cf-Id: I0FfcFDM94ScMJNkJecm6P9APvvKPoA7AM5V8qMSTbmdLLsg-7c9hw==

GET
H/1.1 200
OK sprite.spectrum.svg
static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/img/sprite/ 7 KB
3 KB 40ms
40ms Image
image/svg+xml 52.222.175.208
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/img/sprite/sprite.spectrum.svg
Requested by: Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.175.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-175-208.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e6447cc95a503b66588a09a9761ff1577d5e5dc1563bd84c9d769667af3bbb9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.adobelogin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/css/head.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://static.adobelogin.com/renga-idprovider/resources/0bd2c42598faa18b04ad80ec2c363330/spectrum/css/head.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 14:44:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2017 12:10:31 GMT
Server: AmazonS3
Age: 452995
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: NXl7SVLFSfC5zHJyF4LnrU95fJ8lD0jr
Via: 1.1 b541956a3e11a8d6bd72d74e925ca434.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Type: image/svg+xml
X-Amz-Cf-Id: gw6on72zzGXMU3W-NWPFdn1NXCiwGEXM_35nPb69ZRqN1BUzMYPNNA==

GET
H2 200 znu8cfp.js Show response
use.typekit.net/ 18 KB
7 KB 25ms
6ms Script
text/javascript 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/znu8cfp.js

Requested by

Host: odigosxanthis.gr
URL: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a92-123-94-15.deploy.akamaitechnologies.com

Software

nginx /

Resource Hash

bc337f79eefe3b8a3addb05c46414c95476363dd191cbb7222e1d16125f56531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:path: /znu8cfp.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: use.typekit.net
referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
:scheme: https
:method: GET
Referer: https://odigosxanthis.gr/templates/beez_20/html/cgibin/started.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200 200 OK
date: Fri, 24 Nov 2017 20:33:54 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 7091

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://use.typekit.net/znu8cfp.js(Line 33) Message: Typekit: the domain "odigosxanthis.gr" isn't in the list of published domains for kit "znu8cfp".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

odigosxanthis.gr
static.adobelogin.com
use.typekit.net
136.243.159.62
52.222.175.208
92.123.94.15
23dc5c0264148bb4b4f2582c8dc13a7bda4d9f8f4e22d63e0e94043b5ed2fc6a
2e6447cc95a503b66588a09a9761ff1577d5e5dc1563bd84c9d769667af3bbb9
38576ca6dd9cb727b19d59dc728dd4cc18b646cc6732ed07ea6fcc51d9a30aca
768431b4c29ae68dd64018cb15caa62ca10e81ec6a762078d503469a8e8cb30a
8d21d3e842557ae561c62bc19a0145c9b480028fedbc9e4fe941cebafb916131
98db4a4fa3b2549ad28cf08c47400b262cebedb04363ffe2bf81f6323c79d25c
bc337f79eefe3b8a3addb05c46414c95476363dd191cbb7222e1d16125f56531

odigosxanthis.gr Open in urlscan Pro 136.243.159.62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

52 kBTransfer

131 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

odigosxanthis.gr Open in urlscan Pro
136.243.159.62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

52 kB
Transfer

131 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!