urlscan.io logo urlscan.io
SecurityTrails logo

prom.ua Open in urlscan Pro
193.34.169.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.asc-aqua.cn/?cn=https%3a%2f%2fprom.ua%2fredirect%3furl%3dowohho.com%2faway%3furl%3dhttps%3a%2f%2falaska.ks.ua
Effective URL: https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Submission: On February 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 193.34.169.6, located in Sofiyevskaya Borshchagovka, Ukraine and belongs to EVO, UA. The main domain is prom.ua. The Cisco Umbrella rank of the primary domain is 160474.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 5th 2024. Valid for: 3 months.
This is the only time prom.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.87.201.137 133199 (SONDERCLO...)
3 193.34.169.6 43896 (EVO)
3 1
Apex Domain
Subdomains		 Transfer
3 prom.ua
prom.ua — Cisco Umbrella Rank: 160474
12 KB
1 asc-aqua.cn
www.asc-aqua.cn
259 B
3 2
Domain Requested by
3 prom.ua prom.ua
1 www.asc-aqua.cn 1 redirects
3 2

This site contains no links.

Subject Issuer Validity Valid
prom.ua
ZeroSSL RSA Domain Secure Site CA		 2024-01-05 -
2024-04-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Frame ID: EBE39D7C5C85FDE5F81E2E6A068CA754
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prom.ua - маркетплейс

Page URL History Show full URLs

  1. http://www.asc-aqua.cn/?cn=https%3a%2f%2fprom.ua%2fredirect%3furl%3dowohho.com%2faway%3furl%3dhttps... HTTP 302
    https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

12 kB
Transfer

33 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.asc-aqua.cn/?cn=https%3a%2f%2fprom.ua%2fredirect%3furl%3dowohho.com%2faway%3furl%3dhttps%3a%2f%2falaska.ks.ua HTTP 302
    https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redirect
prom.ua/
Redirect Chain
  • http://www.asc-aqua.cn/?cn=https%3a%2f%2fprom.ua%2fredirect%3furl%3dowohho.com%2faway%3furl%3dhttps%3a%2f%2falaska.ks.ua
  • https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.34.169.6 Sofiyevskaya Borshchagovka, Ukraine, ASN43896 (EVO, UA),
Reverse DNS
prom.ua
Software
nginx /
Resource Hash
ebcccfc171ed3337b2c1f0d7397ec5ec944c17bc27300a8dd9ca8c8414153275

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 25 Feb 2024 22:30:26 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
x-request-id
45b821f7-34e2-410a-ade4-6675a98a8315

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Feb 2024 22:30:11 GMT
Location
https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Server
nginx
Transfer-Encoding
chunked
logo-hc6c0a95c9d144b6b867cd247243ed469e.svg
prom.ua/cloud-cgi/static/uaprom-static/image/portal/UA/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prom.ua/cloud-cgi/static/uaprom-static/image/portal/UA/logo-hc6c0a95c9d144b6b867cd247243ed469e.svg
Requested by
Host: prom.ua
URL: https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.34.169.6 Sofiyevskaya Borshchagovka, Ukraine, ASN43896 (EVO, UA),
Reverse DNS
prom.ua
Software
nginx /
Resource Hash
7759acbdfe5bcdbcf6a027bea3ad3987bfaf0c87ed298a912848b617f79d36f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 22:30:26 GMT
content-encoding
br
x-uri1
uaprom-static.c.evo.dev/image/portal/UA/br-encoded-logo-hc6c0a95c9d144b6b867cd247243ed469e.svg
x-amz-request-id
tx00000000000013a246dd4-00659d514d-4a1be2c6-openstack-1
x-cache-key
cdnuaprom-static.c.evo.dev/image/portal/UA/br-encoded-logo-hc6c0a95c9d144b6b867cd247243ed469e.svg, cprom.ua/cloud-cgi/static/uaprom-static/image/portal/UA/logo-hc6c0a95c9d144b6b867cd247243ed469e.svg
x-cache-status
HIT, HIT, HIT
x-cache-type
main
x-amz-storage-class
STANDARD
x-trouble
IAMHERE
x-cache-source
local
content-length
1526
x-cdn-ruri
/image/portal/UA/br-encoded-logo-hc6c0a95c9d144b6b867cd247243ed469e.svg, http_x_cdn_ruri
last-modified
Mon, 08 Jan 2024 03:08:46 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-servant
nginx-cache-03, sirius
x-rgw-object-type
Normal
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
access-control-allow-headers
X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name
himehabu
not-found-hc13122dae1e434a61607ee77c7ff59caa.svg
prom.ua/cloud-cgi/static/uaprom-static/image/portal/mascots/ 		24 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prom.ua/cloud-cgi/static/uaprom-static/image/portal/mascots/not-found-hc13122dae1e434a61607ee77c7ff59caa.svg
Requested by
Host: prom.ua
URL: https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.34.169.6 Sofiyevskaya Borshchagovka, Ukraine, ASN43896 (EVO, UA),
Reverse DNS
prom.ua
Software
nginx /
Resource Hash
f522eb7aa30cc6818b9e9d3d42144ee9f7f3b625b228d38d40ff33b88653fb80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 22:30:26 GMT
content-encoding
br
x-uri1
uaprom-static.c.evo.dev/image/portal/mascots/br-encoded-not-found-hc13122dae1e434a61607ee77c7ff59caa.svg
x-amz-request-id
tx000000000000133688a55-00659bcf49-46643e73-openstack-1
x-cache-key
cdnuaprom-static.c.evo.dev/image/portal/mascots/br-encoded-not-found-hc13122dae1e434a61607ee77c7ff59caa.svg, cprom.ua/cloud-cgi/static/uaprom-static/image/portal/mascots/not-found-hc13122dae1e434a61607ee77c7ff59caa.svg
x-cache-status
HIT, HIT, HIT
x-cache-type
main
x-amz-storage-class
STANDARD
x-trouble
IAMHERE
x-cache-source
local
content-length
6542
x-cdn-ruri
/image/portal/mascots/br-encoded-not-found-hc13122dae1e434a61607ee77c7ff59caa.svg, http_x_cdn_ruri
last-modified
Mon, 08 Jan 2024 03:08:46 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-servant
habu, sirius
x-rgw-object-type
Normal
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
access-control-allow-headers
X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-lb-name
himehabu

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.prom.ua/ Name: user_tracker
Value: 483b0614445b9d3bc7268a28c7a0e018aaa0dce4|38.132.118.76|2024-02-26
.prom.ua/ Name: csrf_token
Value: 10b1573d0ef04794ae1a93811c931cb1
.prom.ua/ Name: auth
Value: 5c69c8baefb983d151a6bc17215f7749e17001f8

1 Console Messages

Source Level URL
Text
network error URL: https://prom.ua/redirect?url=owohho.com/away?url=https://alaska.ks.ua
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

prom.ua
www.asc-aqua.cn
193.34.169.6
208.87.201.137
7759acbdfe5bcdbcf6a027bea3ad3987bfaf0c87ed298a912848b617f79d36f7
ebcccfc171ed3337b2c1f0d7397ec5ec944c17bc27300a8dd9ca8c8414153275
f522eb7aa30cc6818b9e9d3d42144ee9f7f3b625b228d38d40ff33b88653fb80