urlscan.io logo urlscan.io
SecurityTrails logo

ukrainely.help Open in urlscan Pro
2606:4700:3036::ac43:d7c9  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ukrainely.help/
Effective URL: https://ukrainely.help/
Submission: On February 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3036::ac43:d7c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ukrainely.help.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2023. Valid for: 3 months.
This is the only time ukrainely.help was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

5    2606:4700:3035::6815:45ef (United States)

ASN13335 (CLOUDFLARENET, US)
ukrainely.help
10    2606:4700:3036::ac43:d7c9 (United States)

ASN13335 (CLOUDFLARENET, US)
ukrainely.help
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
15 ukrainely.help
ukrainely.help
205 KB
2 gstatic.com
fonts.gstatic.com
52 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2456
253 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
76 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1001 B
18 5
Domain Requested by
15 ukrainely.help 2 redirects ukrainely.help
2 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ukrainely.help
1 fonts.googleapis.com ukrainely.help
18 5

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
*.ukrainely.help
GTS CA 1P5		 2023-01-30 -
2023-04-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ukrainely.help/
Frame ID: 34D9E8F9B8897605C84E00B0A31D239B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ukrainely - Допомога Українцям

Page URL History Show full URLs

  1. http://ukrainely.help/ Page URL
  2. http://ukrainely.help/cdn-cgi/phish-bypass?atok=yStjMl92YKG.iHv2.dIVNZXgZblRne5EcHfGYkhSqIc-167576... HTTP 301
    http://ukrainely.help/ HTTP 301
    https://ukrainely.help/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

83 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

333 kB
Transfer

526 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ukrainely.help/ Page URL
  2. http://ukrainely.help/cdn-cgi/phish-bypass?atok=yStjMl92YKG.iHv2.dIVNZXgZblRne5EcHfGYkhSqIc-1675769281-0-%2F HTTP 301
    http://ukrainely.help/ HTTP 301
    https://ukrainely.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ukrainely.help/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ukrainely.help/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:45ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009114364a2f1ee2a0c3d136601e6bd9cfe50fa43101ef40281e5f518b2017d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
795bc797088b2bf5-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 11:28:01 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqa7ehG%2FC7LexJb2XKbfFb0FIh5uFznS5qoproCb39kDFklJwsHlDAZw4RLkKBgNLJD%2B2ClAWh2kUB4Evae7%2B94SCouqi3S64UfHIGvMGwK9cxeOQKJe2WDNCSBt3Dy010jUrvRSJ2hlfa7jhw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cf.errors.css
ukrainely.help/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ukrainely.help/cdn-cgi/styles/cf.errors.css
Requested by
Host: ukrainely.help
URL: http://ukrainely.help/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:45ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 11:28:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Feb 2023 16:55:59 GMT
Server
cloudflare
ETag
W/"63dd3c9f-5e44"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
795bc79758ec2bf5-FRA
Expires
Tue, 07 Feb 2023 13:28:01 GMT
icon-exclamation.png
ukrainely.help/cdn-cgi/images/ 		452 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ukrainely.help/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: ukrainely.help
URL: http://ukrainely.help/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:45ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ukrainely.help/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 11:28:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Feb 2023 16:55:59 GMT
Server
cloudflare
ETag
"63dd3c9f-1c4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
795bc797a94c2bf5-FRA
Content-Length
452
Expires
Tue, 07 Feb 2023 13:28:01 GMT
Primary Request /
ukrainely.help/
Redirect Chain
  • http://ukrainely.help/cdn-cgi/phish-bypass?atok=yStjMl92YKG.iHv2.dIVNZXgZblRne5EcHfGYkhSqIc-1675769281-0-%2F
  • http://ukrainely.help/
  • https://ukrainely.help/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c164812eecf206539f7e707e66fffca53fa09d09733cab374b2c40eef1bc4258
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://ukrainely.help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795bc7b1adc039e6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 11:28:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvdRTKWqHR2BbdMkx60aQaBqT%2FSDKS196Hnu2Ryh0CxXqqAIyo%2BdwDPCFD2vxpTwBtN9%2Fo5Op0ayMZ49Eu5l%2F7prgehVbHkHkRrRYtbnhhtA1BTyR1I%2Bs48cPt6YMQESUKi54CI3F5hJlww4xA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

CF-RAY
795bc7b0cb142bf5-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 07 Feb 2023 11:28:05 GMT
Expires
Tue, 07 Feb 2023 12:28:05 GMT
Location
https://ukrainely.help/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdwD0eHP0GYA746xmY6S0NcqBvYL29sMXrRzuLeDs3ZxH5fm91Qr1ZhRAj5DWLkYWwHuRhloXQsi4mUBbyIy7dW%2FLV0mJInEKp0cmf93F%2BAa%2Fl3qYDJ%2Fp5Us8BKWJkuLO2CA194L8027T0KN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		5 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&display=swap
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca4562cee5bd64b4f6d54c824c3a7e3b8ca7dfd655a1fe0b49c9e9afd8619206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 11:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 09:56:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 11:28:05 GMT
style.css
ukrainely.help/template/ukrainely/css/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ukrainely.help/template/ukrainely/css/style.css?102
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31036d1211600178bc3f1653876f78269469a86dbfe9fb75253801f78d3506cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5961
cf-polished
origSize=41140
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Feb 2023 09:37:29 GMT
server
cloudflare
etag
W/"63e21bd9-a0b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fmcYq1kO3Oq2sceq5h62AIbp5mOKucRXQDxWxKbIP91QrpGLLdmKduHCTgOhPK0FgEIexUZxesT6RBJP15E%2FIjfwOTbeezRUY14I1YoBDtqORF0gVQJqpsfGgB2wUHyInfZsS2epeG1Nc3OOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
795bc7b499bb39e6-FRA
logo.webp
ukrainely.help/template/ukrainely/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/logo.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516d311bb70b88268bbf4ceeb640106574e21cae864db38d1a6d09585ba65292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f57565-1494"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wg6cqqJD62oPq%2BV07%2FsSRwQTF7QJyTrEB5zUaFDWsZvnefT%2B8AAppwUmHZ37HX5eOCQeDKlXwHzR2uAL0keEFepLVHPJjZR%2BPTNDTOjdh5BwiYMS9ThnOVELdjjKajxlMM2UTKPmgHX5Z5Wnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e139e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5268
twitter-light.webp
ukrainely.help/template/ukrainely/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/twitter-light.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5699e852522b91aa65d3915b24cae86521c7ec72fa554c419e81e0a4a6bc7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f5767c-832"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2L1PYcjYUjiVRPAWYIcmF43gN75wmahruTVz7FQqqguKtshYuN3htH2v4VK7IieYaTBOpD0rw%2FGmDKdzG2P1k5xyLv5MTrmfannC8QH613Kv3h9E3Wm29RpgBm6oxEnByRGR3XZvfPS6UuqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e439e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2098
instagram-light.webp
ukrainely.help/template/ukrainely/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/instagram-light.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed07eba605ce9288f817d057bd43c23d2f2e5fe05f2824e4840dbec9cd4b7866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f5767c-b5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZmG1c8DtbxyYWsUV9qhuNCPlXCXLKwp5qxB4%2BgHKrcKrIUXDq1dGeLIwTpSfny5qPMENYh%2B4cjtSx0uc7iM2Q86Wv9u%2FeMbEIUIm89GDB5GQkN929H%2FBVOJX%2BXKglhXvwyNRX2andSrXGsUQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e639e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2908
facebook-light.webp
ukrainely.help/template/ukrainely/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/facebook-light.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3998e817e7251df197b514fccc97ff2522e569c3c10ded6cf98fd0cab4040f44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f5767c-614"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqsfVf63x7c0AeDdRSCxTY9bmty0NoAJwbT1ueo2rrsSAj4MQpA5YYbCuZ91ok%2FRktSEgn%2F%2FKFE1i%2Bkq5%2FGKkI43D1j9f3d1V1mdTvb40WmbG4yWu42t1lFdaEBcGISnecGcQx46wXiD%2FXyUlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e739e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1556
families.webp
ukrainely.help/template/ukrainely/images/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/families.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d5f2c58888ed34177bb71c6922380915a56d57c1a1324a1677ecdf8b2ccb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:10:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f57059-f814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6u6d7se%2Bxuc8FrSdRtVKTsZXMxW8pqIlm1K6cbNOuMKcdEX7Rghn5JPT%2BqwRwFXeA9n3obGZ5uuFyAd3R4b4tNa2DCH6zTSo5lx3VJ%2B5LHa8On0DfBndKyNVF3DYkoZDd6G5%2BZ5KAimxOhPj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e839e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63508
refugees.webp
ukrainely.help/template/ukrainely/images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/refugees.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140935eb0143db6a90f5ac2828543c4610b4512bda1b20fb8daa346038983ce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:10:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f57059-be68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STqRd2bja9BjWT7P4d%2F7rfVJIHZX0qNwucU%2FFL6spxRKPWbyN%2BeHf2XwOqUzZqcCXpRShhj5bwDz83T0Px9LXbS0gNCp4j9CNnOGSlEycNy3rebXKpAx5MFd9d8KqkenU8DXa%2F0hWqdz0TQYFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9e939e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48744
military.webp
ukrainely.help/template/ukrainely/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/military.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a00def6cbd94c53ba53a0cd232a66b57d6a815d8858435e6a5b1db1e4859587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:10:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f57059-e630"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfc1dqbm9O5bqpEVt8aCBMREmmosShcOCxkvMcM8hd6BiM7O%2FG8B7SSeD5SgMeFt%2FKm%2Bprvij%2F0qg52fHylXjSXexwq0%2FfpPw6bGSuWPbl5j2GeyoWKQqRSkYk3ZIBnsUdycv1bINSDWZaCwRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9eb39e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58928
logo-dark.webp
ukrainely.help/template/ukrainely/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ukrainely.help/template/ukrainely/images/logo-dark.webp
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d7c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399f842aa6c48fae2c33fe020e3caee282aa72ba9c367d9cc42c396223b16de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 21:31:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5961
etag
"62f5752f-1494"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jviurA2oKUW4Wp9ybaf7n1YGWvMGIkZ8MSdoqKXAGNkpdQV7vmeauB2M2bLEClER50zJQgBpsM1%2FcMpqFMnSrcAdlSeRfric1mzRRIfLgt5BnmVMNhkcwW%2BryUu8FiF5MVEpojR2hqnOMnUtgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
795bc7b4b9ec39e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5268
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GB8DGEQ3RJ
Requested by
Host: ukrainely.help
URL: https://ukrainely.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a579ee99529b1473fedebd7c8bce6418893ec6c9b07427512bb1ed0cb83c9b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 11:28:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77627
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Feb 2023 11:28:06 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ukrainely.help
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 02:31:02 GMT
x-content-type-options
nosniff
age
291424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 02:31:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ukrainely.help
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 16:49:14 GMT
x-content-type-options
nosniff
age
412732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:49:14 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GB8DGEQ3RJ&gtm=45je3210&_p=1591000347&cid=1997274404.1675769286&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675769286&sct=1&seg=0&dl=https%3A%2F%2Fukrainely.help%2F&dr=http%3A%2F%2Fukrainely.help%2F&dt=Ukrainely%20-%20%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GB8DGEQ3RJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ukrainely.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 11:28:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ukrainely.help
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.ukrainely.help/ Name: __cf_mw_byp
Value: yStjMl92YKG.iHv2.dIVNZXgZblRne5EcHfGYkhSqIc-1675769281-0-/
.ukrainely.help/ Name: UKRAINELY
Value: dVdFdnlscS9Tcjh3SkZaQ2l2UVVOc1dJUGNMQ2JmV09FWk1KWTZkYmFnUT0%3D
.ukrainely.help/ Name: _ga_GB8DGEQ3RJ
Value: GS1.1.1675769286.1.0.1675769286.0.0.0
.ukrainely.help/ Name: _ga
Value: GA1.1.1997274404.1675769286

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
ukrainely.help
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:3035::6815:45ef
2606:4700:3036::ac43:d7c9
2a00:1450:4001:830::200a
2a00:1450:400d:806::2008
2a00:1450:400d:80a::2003
009114364a2f1ee2a0c3d136601e6bd9cfe50fa43101ef40281e5f518b2017d6
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
140935eb0143db6a90f5ac2828543c4610b4512bda1b20fb8daa346038983ce6
31036d1211600178bc3f1653876f78269469a86dbfe9fb75253801f78d3506cd
3998e817e7251df197b514fccc97ff2522e569c3c10ded6cf98fd0cab4040f44
399f842aa6c48fae2c33fe020e3caee282aa72ba9c367d9cc42c396223b16de4
516d311bb70b88268bbf4ceeb640106574e21cae864db38d1a6d09585ba65292
9a00def6cbd94c53ba53a0cd232a66b57d6a815d8858435e6a5b1db1e4859587
9d5699e852522b91aa65d3915b24cae86521c7ec72fa554c419e81e0a4a6bc7b
a1d5f2c58888ed34177bb71c6922380915a56d57c1a1324a1677ecdf8b2ccb55
a579ee99529b1473fedebd7c8bce6418893ec6c9b07427512bb1ed0cb83c9b6c
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
c164812eecf206539f7e707e66fffca53fa09d09733cab374b2c40eef1bc4258
ca4562cee5bd64b4f6d54c824c3a7e3b8ca7dfd655a1fe0b49c9e9afd8619206
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed07eba605ce9288f817d057bd43c23d2f2e5fe05f2824e4840dbec9cd4b7866
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016