www.alternativa.pp.ua
188.120.245.188
Malicious Activity!
Public Scan
Submission: On August 09 via automatic, source openphish
Summary
This is the only time www.alternativa.pp.ua was scanned on urlscan.io.
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Scanned URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm. The brand's domain name, www.paypal.com, is embedded in the file name, while the registrable domain is alternativa.pp.ua (pp.ua is a public suffix under which anyone can register a name). The page is served over plain HTTP, so no certificate is involved and nothing in the address bar vouches for the host.
Domain & IP information
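The "brand name in the path, unrelated registrable domain" pattern of the scanned URL is easy to check mechanically. The Python below is an added example, not urlscan.io code: it splits a URL, derives the registrable domain from a small suffix list, and reports any brand whose name appears in the hostname or path of a URL that is not served from that brand's own domain. The PUBLIC_SUFFIXES set and the BRANDS table are constructed, minimal stand-ins (assumptions) for the real Public Suffix List and for urlscan's brand database; the third sample URL is constructed as well.

```python
"""Flag URLs that embed a brand's name while being served from a domain the
brand does not own. Added example for the urlscan.io report above; not
urlscan.io code."""
from __future__ import annotations

from urllib.parse import urlsplit

# Constructed subset of public suffixes, just enough for the sample URLs.
# The real check should use the full Public Suffix List.
PUBLIC_SUFFIXES = {"com", "net", "org", "ua", "pp.ua", "co.uk"}

# Constructed brand table (assumption): brand token -> domains it owns.
BRANDS = {
    "paypal": {"paypal.com", "paypalcreditcard.com"},
}


def registrable_domain(host: str) -> str:
    """Return the registrable domain (eTLD+1) of host.

    'www.alternativa.pp.ua' -> 'alternativa.pp.ua': the longest matching
    public suffix wins, so 'pp.ua' is preferred over 'ua'.
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in PUBLIC_SUFFIXES:
            # labels[i-1] is the registrable label, if one exists
            return ".".join(labels[i - 1:]) if i > 0 else suffix
    return host.lower()


def brand_lookalike(url: str) -> list[dict]:
    """One finding per brand whose token appears in the hostname or path
    of url while the registrable domain is not one the brand owns."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path.lower()
    reg = registrable_domain(host)
    findings = []
    for brand, owned in BRANDS.items():
        if reg in owned:
            continue  # served from the brand's own domain: not a lookalike
        where = []
        if brand in host:
            where.append("hostname")
        if brand in path:
            where.append("path")
        if where:
            findings.append({"brand": brand, "registrable_domain": reg,
                             "scheme": parts.scheme, "where": where})
    return findings


SAMPLES = [
    # the URL from the scan above
    "http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm",
    # a legitimate brand URL, for contrast
    "https://www.paypal.com/signin",
    # constructed: brand domain used as leading hostname labels
    "https://paypal.com.account-restore.example.com/login",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", brand_lookalike(sample) or "clean")
```

The scan URL is flagged on the path only, because the hostname www.alternativa.pp.ua carries no brand token; the constructed third sample shows the other common form, where the brand domain is placed in the leading hostname labels and the real registrable domain is further right. A substring match on a short token like "paypal" will produce false positives on legitimate mentions, so in practice this check feeds a score rather than a block decision.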
| Requests | IP address | ASN | PTR | Domain |
|---|---|---|---|---|
| 33 | 188.120.245.188 | AS29182 ISPSYSTEM-AS (ISPsystem Autonomous System, LU) | for-ns.ru | www.alternativa.pp.ua |
| 1 | 98.138.79.19 | AS36646 YAHOO-NE1 (Yahoo, US) | mgrats.geo.vip.ne1.yahoo.com | visit.webhosting.yahoo.com |
| 34 | 2 IPs | 2 ASNs | | 2 domains |
| Requests | Apex domain | Subdomain | Transfer |
|---|---|---|---|
| 33 | pp.ua | www.alternativa.pp.ua | 179 KB |
| 1 | yahoo.com | visit.webhosting.yahoo.com | 85 B |
| 34 | 2 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 33 | www.alternativa.pp.ua | www.alternativa.pp.ua |
| 1 | visit.webhosting.yahoo.com | www.alternativa.pp.ua |
| 34 | 2 domains | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.paypal.com |
| www.paypalcreditcard.com |
| ad.doubleclick.net |
Every outgoing link points at the genuine brand or its advertising partner. That is what a page copied from the brand's own site looks like: the header and footer links survive the copy untouched while the page itself is hosted elsewhere, so "the links go to paypal.com" is no evidence that the page does.
TLS certificates: none. The page was requested over plain HTTP, so no certificate was presented.
This page contains 1 frame:
Primary Page:
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Frame ID: 16520.1
Requests: 34 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page. Only the link titles were captured in this export; the target domains are listed under "links to these domains" above.
| # | Title |
|---|---|
| 1 | (untitled) |
| 2 | Help |
| 3 | Security Center |
| 4 | (untitled) |
| 5 | About |
| 6 | Accounts |
| 7 | Fees |
| 8 | Privacy |
| 9 | Security Center |
| 10 | Contact Us |
| 11 | Legal Agreements |
| 12 | Developers |
| 13 | Jobs |
| 14 | Mobile |
| 15 | Plus Card |
| 16 | Referrals |
| 17 | Shops |
| 18 | Mass Pay |
| 19 | Information about FDIC pass-through insurance |
Redirected requests
No HTTP redirect chains were recorded for this scan.
34 HTTP transactions
| # | Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | HTTP/1.1 | www.paypal.com.account.restore.htm (primary request) | www.alternativa.pp.ua/ | 21 KB | 21 KB | Document | text/html |
| 2 | GET | HTTP/1.1 | xpt.css | www.alternativa.pp.ua/Confirm_files/ | 56 KB | 56 KB | Stylesheet | text/css |
| 3 | GET | HTTP/1.1 | xptInvoice.css | www.alternativa.pp.ua/Confirm_files/ | 1 KB | 1 KB | Stylesheet | text/css |
| 4 | GET | HTTP/1.1 | xptObsolete.css | www.alternativa.pp.ua/Confirm_files/ | 2 KB | 2 KB | Stylesheet | text/css |
| 5 | GET | HTTP/1.1 | xptlive.css | www.alternativa.pp.ua/Confirm_files/ | 69 B | 69 B | Stylesheet | text/css |
| 6 | GET | HTTP/1.1 | default.css | www.alternativa.pp.ua/Confirm_files/ | 302 B | 302 B | Stylesheet | text/css |
| 7 | GET | HTTP/1.1 | flowSignUpQuickHits.css | www.alternativa.pp.ua/Confirm_files/ | 2 KB | 2 KB | Stylesheet | text/css |
| 8 | GET | HTTP/1.1 | legal.css | www.alternativa.pp.ua/Confirm_files/ | 529 B | 529 B | Stylesheet | text/css |
| 9 | GET | HTTP/1.1 | lang.css | www.alternativa.pp.ua/Confirm_files/ | 165 B | 165 B | Stylesheet | text/css |
| 10 | GET | HTTP/1.1 | pp_main.js | www.alternativa.pp.ua/Confirm_files/ | 35 KB | 35 KB | Script | application/javascript |
| 11 | GET | HTTP/1.1 | paypal_logo.gif | www.alternativa.pp.ua/Confirm_files/ | 1 KB | 1 KB | Image | image/gif |
| 12 | GET | HTTP/1.1 | pixel.gif | www.alternativa.pp.ua/Confirm_files/ | 43 B | 43 B | Image | image/gif |
| 13 | GET | HTTP/1.1 | arrow_forward.gif | www.alternativa.pp.ua/Confirm_files/ | 59 B | 59 B | Image | image/gif |
| 14 | GET | HTTP/1.1 | secure_lock_2.gif | www.alternativa.pp.ua/Confirm_files/ | 243 B | 243 B | Image | image/gif |
| 15 | GET | HTTP/1.1 | logo_ccVisa.gif | www.alternativa.pp.ua/Confirm_files/ | 347 B | 347 B | Image | image/gif |
| 16 | GET | HTTP/1.1 | logo_ccMC.gif | www.alternativa.pp.ua/Confirm_files/ | 894 B | 894 B | Image | image/gif |
| 17 | GET | HTTP/1.1 | logo_ccAmex.gif | www.alternativa.pp.ua/Confirm_files/ | 1 KB | 1 KB | Image | image/gif |
| 18 | GET | HTTP/1.1 | logo_ccDiscover.gif | www.alternativa.pp.ua/Confirm_files/ | 754 B | 754 B | Image | image/gif |
| 19 | GET | HTTP/1.1 | logo_ccEcheck.gif | www.alternativa.pp.ua/Confirm_files/ | 809 B | 809 B | Image | image/gif |
| 20 | GET | HTTP/1.1 | PayPal_mark_37x23.gif | www.alternativa.pp.ua/Confirm_files/ | 812 B | 812 B | Image | image/gif |
| 21 | GET | HTTP/1.1 | mini_cvv2.gif | www.alternativa.pp.ua/Confirm_files/ | 509 B | 509 B | Image | image/gif |
| 22 | GET | HTTP/1.1 | secret.jpg | www.alternativa.pp.ua/Confirm_files/ | 3 KB | 3 KB | Image | image/jpeg |
| 23 | GET | HTTP/1.1 | icon_hearing_14x13.gif | www.alternativa.pp.ua/Confirm_files/ | 210 B | 210 B | Image | image/gif |
| 24 | GET | HTTP/1.1 | bnr_PVNbnr3_120x600.gif | www.alternativa.pp.ua/Confirm_files/ | 21 KB | 21 KB | Image | image/gif |
| 25 | GET | HTTP/1.1 | pp_naturalsearch.js | www.alternativa.pp.ua/Confirm_files/ | 1 KB | 1 KB | Script | application/javascript |
| 26 | GET | HTTP/1.1 | pp_jscode_080706.js | www.alternativa.pp.ua/Confirm_files/ | 28 KB | 28 KB | Script | application/javascript |
| 27 | GET | HTTP/1.1 | s45266947164694.gif | www.alternativa.pp.ua/Confirm_files/ | 43 B | 43 B | Image | image/gif |
| 28 | GET | HTTP/1.1 | whv2_001.js | www.alternativa.pp.ua/Confirm_files/ | 669 B | 669 B | Script | application/javascript |
| 29 | GET | HTTP/1.1 | visit.gif | www.alternativa.pp.ua/Confirm_files/ | 85 B | 85 B | Image | image/gif |
| 30 | GET | HTTP/1.1 | common.css | www.alternativa.pp.ua/Confirm_files/ | 0 | 0 | Stylesheet | text/html |
| 31 | GET | HTTP/1.1 | flexible.css | www.alternativa.pp.ua/ | 0 | 0 | Stylesheet | text/html |
| 32 | GET | HTTP/1.1 | start.css | www.alternativa.pp.ua/Confirm_files/ | 0 | 0 | Stylesheet | text/html |
| 33 | GET | HTTP/1.1 | btn_main_1x50.gif | www.alternativa.pp.ua/en_US/i/btn/ | 317 B | 0 | Image | text/html |
| 34 | GET | HTTP/1.1 | visit.gif | visit.webhosting.yahoo.com/ | 85 B | 85 B | Image | image/gif |
Request and response headers for the individual transactions were not captured in this export.
Reading the table: every asset except the last is fetched from the phishing host itself, almost all from a Confirm_files/ directory. A `<name>_files/` folder beside `<name>.htm` is the layout a browser produces when a page is saved as "complete", so the layout is consistent with a kit built by saving a real PayPal page (as Confirm.htm) and editing the copy. Rows 30 to 33 are references the copy still carries to files that were never brought across: they transferred nothing and came back as text/html rather than a stylesheet or image, which is what a server error page looks like in this view. The card-brand logos (rows 15 to 19) and the CVV2 hint image (row 21) are the assets of a form that asks for card details. The single off-host request, visit.gif from visit.webhosting.yahoo.com (row 34; the same file name also appears locally in row 29), is a third-party beacon and the only request that leaves the phishing host.
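The checks a triager runs over a request list like this one can be written down once and reused across scans. The Python below is an added example, not urlscan.io code. Its TRANSACTIONS list is a constructed, abbreviated copy of the table (nine of the 34 rows, with the KB figures rounded to bytes) that keeps one row of each kind the checks care about; the functions report requests that leave the primary host, assets whose transfer size or MIME type contradicts their declared type, and the browser "saved page" directory layout.

```python
"""Triage a urlscan.io request list for the marks of a cloned phishing page.
Added example for the transaction table above; not urlscan.io code."""
from __future__ import annotations

from collections import Counter
from urllib.parse import urlsplit

PRIMARY_URL = "http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm"

# Constructed subset of the scan's rows, as
# (url, declared type, size bytes, transferred bytes, MIME type).
# KB values from the table are rounded to whole bytes (assumption).
TRANSACTIONS = [
    (PRIMARY_URL, "Document", 21504, 21504, "text/html"),
    ("http://www.alternativa.pp.ua/Confirm_files/xpt.css", "Stylesheet", 57344, 57344, "text/css"),
    ("http://www.alternativa.pp.ua/Confirm_files/pp_main.js", "Script", 35840, 35840, "application/javascript"),
    ("http://www.alternativa.pp.ua/Confirm_files/mini_cvv2.gif", "Image", 509, 509, "image/gif"),
    ("http://www.alternativa.pp.ua/Confirm_files/common.css", "Stylesheet", 0, 0, "text/html"),
    ("http://www.alternativa.pp.ua/flexible.css", "Stylesheet", 0, 0, "text/html"),
    ("http://www.alternativa.pp.ua/Confirm_files/start.css", "Stylesheet", 0, 0, "text/html"),
    ("http://www.alternativa.pp.ua/en_US/i/btn/btn_main_1x50.gif", "Image", 317, 0, "text/html"),
    ("http://visit.webhosting.yahoo.com/visit.gif", "Image", 85, 85, "image/gif"),
]

# MIME prefix a resource of each declared type should carry.
EXPECTED_MIME = {"Document": "text/html", "Stylesheet": "text/css",
                 "Script": "application/javascript", "Image": "image/"}


def primary_host() -> str:
    return urlsplit(PRIMARY_URL).hostname


def off_host_requests(transactions=TRANSACTIONS) -> list[str]:
    """Requests that leave the primary host. Beacons, remote loaders and
    credential drop points all surface here."""
    main = primary_host()
    return [url for url, *_ in transactions if urlsplit(url).hostname != main]


def broken_assets(transactions=TRANSACTIONS) -> list[str]:
    """Non-document assets that transferred nothing or came back with a
    MIME type that contradicts the declared type: dangling references a
    cloned page still carries to files that were never copied."""
    broken = []
    for url, kind, _size, transferred, mime in transactions:
        if kind == "Document":
            continue
        if transferred == 0 or not mime.startswith(EXPECTED_MIME[kind]):
            broken.append(url)
    return broken


def saved_page_dirs(transactions=TRANSACTIONS) -> Counter:
    """Requests per '<name>_files' path segment, the directory layout a
    browser creates when a page is saved as 'complete'."""
    dirs: Counter = Counter()
    for url, *_ in transactions:
        for segment in urlsplit(url).path.split("/"):
            if segment.endswith("_files"):
                dirs[segment] += 1
    return dirs


def triage(transactions=TRANSACTIONS) -> dict:
    """Summary a reviewer can read at a glance."""
    return {
        "primary_scheme": urlsplit(PRIMARY_URL).scheme,
        "requests": len(transactions),
        "off_host": off_host_requests(transactions),
        "broken_assets": broken_assets(transactions),
        "saved_page_dirs": dict(saved_page_dirs(transactions)),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(), indent=2))
```

On the constructed subset the summary comes out as: primary page over http, one off-host request (the Yahoo visit.gif beacon), four broken assets (common.css, flexible.css, start.css and btn_main_1x50.gif) and five requests under Confirm_files. Run against the full 34-row export the off-host and broken-asset lists are the same; only the Confirm_files count grows.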
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against PayPal (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. None were recorded for this page.
0 Cookies
Cookies are small pieces of information stored in the user's browser. On each later visit the browser sends the stored values back, which lets the site re-identify the user even from a different location; this is how persistent logins work. This page set none.
Indicators
In the security industry this term covers artifacts such as IPs, domains and hashes. Their presence in this list does not by itself imply malicious activity.
visit.webhosting.yahoo.com
www.alternativa.pp.ua
188.120.245.188
98.138.79.19