www.alternativa.pp.ua
188.120.245.188  Malicious Activity!

URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Submission: On August 09 via automatic, source openphish

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 34 HTTP transactions. The main IP is 188.120.245.188, located in Russian Federation and belongs to ISPSYSTEM-AS ISPsystem Autonomous System, LU. The main domain is www.alternativa.pp.ua.
This is the only time www.alternativa.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

Requests  IP Address       AS Autonomous System
33        188.120.245.188  29182 (ISPSYSTEM...)
1         98.138.79.19     36646 (YAHOO-NE1)
34        2

Requests  Apex Domain  Subdomains                  Transfer
33        pp.ua        www.alternativa.pp.ua       179 KB
1         yahoo.com    visit.webhosting.yahoo.com  85 B
34        2

Requests  Domain                      Requested by
33        www.alternativa.pp.ua       www.alternativa.pp.ua
1         visit.webhosting.yahoo.com  www.alternativa.pp.ua
34        2

This site contains links to these domains.

Domain
www.paypal.com
www.paypalcreditcard.com
ad.doubleclick.net

This page contains 1 frames:

Primary Page: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Frame ID: 16520.1
Requests: 34 HTTP requests in this frame


Page Statistics

34 Requests
0 % HTTPS
0 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
179 kB Transfer
179 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request www.paypal.com.account.restore.htm
www.alternativa.pp.ua/
21 KB
21 KB
Document
General
Full URL
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
f99c7f665d052ca6063a6c7846af5435e4c5167d7d102cc596d13aea00b5fc1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
xpt.css
www.alternativa.pp.ua/Confirm_files/
56 KB
56 KB
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/xpt.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
cd5a6a18083698c74db9d1644f53d10303e981cc29caa115dc19cafc2e1a207d

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-de16"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56854
xptInvoice.css
www.alternativa.pp.ua/Confirm_files/
1 KB
1 KB
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/xptInvoice.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
2a8e6a8742ec1caac701bad4c6458fd905a694d9c21e746adca2d4c1b4a7f18f

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-495"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1173
xptObsolete.css
www.alternativa.pp.ua/Confirm_files/
2 KB
2 KB
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/xptObsolete.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
ee3d88c6d37622aee16048802349e042ed533344273360a69b8d96303d2c63a8

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-892"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2194
xptlive.css
www.alternativa.pp.ua/Confirm_files/
69 B
69 B
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/xptlive.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
fc9698b26e3f3c85518fc670a6237b3182aa302a788ae0a32971d2a7c9c17b8b

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-45"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69
default.css
www.alternativa.pp.ua/Confirm_files/
302 B
302 B
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/default.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
c0c2ac6194bc25d4f05da3c6c50197ae54022385171cb6aa144ae097bac5edc9

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:14 GMT
Server
nginx/1.12.1
ETag
"49e06902-12e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302
flowSignUpQuickHits.css
www.alternativa.pp.ua/Confirm_files/
2 KB
2 KB
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/flowSignUpQuickHits.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
a0be3b68e5edea38e7ab58ee6234d4af49518952c7364f2ad005e11d3379d98f

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:14 GMT
Server
nginx/1.12.1
ETag
"49e06902-8d8"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2264
legal.css
www.alternativa.pp.ua/Confirm_files/
529 B
529 B
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/legal.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
025567cd7091f27d9f94bd78689507299842c4ed8a917dcc952b33e28ab7229b

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-211"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
529
lang.css
www.alternativa.pp.ua/Confirm_files/
165 B
165 B
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/lang.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
059563099ba83976fde23e301cc02a33a4f4ac6968ad6a0dcdc9b4760e4e6976

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-a5"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165
pp_main.js
www.alternativa.pp.ua/Confirm_files/
35 KB
35 KB
Script
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/pp_main.js
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
7049617a09c3ed36cefc1690ae0be2ebe8e5053137424095282f464407977c47

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-8d41"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36161
paypal_logo.gif
www.alternativa.pp.ua/Confirm_files/
1 KB
1 KB
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/paypal_logo.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
57ec72c70bf1eff7a24b120662527955a6a406f726bb52efcd863146d3891697

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-45b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1115
pixel.gif
www.alternativa.pp.ua/Confirm_files/
43 B
43 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/pixel.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
arrow_forward.gif
www.alternativa.pp.ua/Confirm_files/
59 B
59 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/arrow_forward.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
cb690eb637ec1b9ed96dfd0d9e6c68f39d56afe17b0061b7d53299f839276bea

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-3b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59
secure_lock_2.gif
www.alternativa.pp.ua/Confirm_files/
243 B
243 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/secure_lock_2.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
c86bfae33486f088cc7e1481948d3328126a1ca553248e48ab4a4bef4bfcf481

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-f3"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
logo_ccVisa.gif
www.alternativa.pp.ua/Confirm_files/
347 B
347 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/logo_ccVisa.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
f86e5a589b655e339f9105a1f73c1feb97e184be0eb43dc683d158a937b0b669

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-15b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
347
logo_ccMC.gif
www.alternativa.pp.ua/Confirm_files/
894 B
894 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/logo_ccMC.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
9c2b8be7a09a43662503b1f9862c4f1f790179f2a3d1de44355efce4b22114e9

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-37e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
894
logo_ccAmex.gif
www.alternativa.pp.ua/Confirm_files/
1 KB
1 KB
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/logo_ccAmex.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
0966e01febe49f9374b29f391aa5413a052632d405bc0dd70e34e82bfd3839aa

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-5a7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1447
logo_ccDiscover.gif
www.alternativa.pp.ua/Confirm_files/
754 B
754 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/logo_ccDiscover.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
e84d566f7903e567fe6035d03a7abdfe43f3f87febcacf73317fcff941c6570e

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-2f2"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
754
logo_ccEcheck.gif
www.alternativa.pp.ua/Confirm_files/
809 B
809 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/logo_ccEcheck.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
4dc0347e0645bb3625c1dd400f3a4109d79efc3da599164df165e1f40867a5ba

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-329"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
809
PayPal_mark_37x23.gif
www.alternativa.pp.ua/Confirm_files/
812 B
812 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/PayPal_mark_37x23.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
39ae331982adf61d71998f20ea8da7caeca52d5ff98552850bbe0af9b86a838a

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-32c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
812
mini_cvv2.gif
www.alternativa.pp.ua/Confirm_files/
509 B
509 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/mini_cvv2.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
275b7a867831a923bb2ab17160004afef43973ac2192b04724506608b8255d99

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-1fd"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
509
secret.jpg
www.alternativa.pp.ua/Confirm_files/
3 KB
3 KB
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/secret.jpg
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
f891b7d29b25582bf486b5f44dda9c17b1e1eed84b58112471fed4fe6f9e8a1d

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:14 GMT
Server
nginx/1.12.1
ETag
"49e06902-a95"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2709
icon_hearing_14x13.gif
www.alternativa.pp.ua/Confirm_files/
210 B
210 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/icon_hearing_14x13.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
216bf785c03f93d2cc074f0c5805c9dd369142c83a11d228682a54f88dbe2079

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-d2"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
210
bnr_PVNbnr3_120x600.gif
www.alternativa.pp.ua/Confirm_files/
21 KB
21 KB
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/bnr_PVNbnr3_120x600.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
7b732f35410412d57eeca996de3dc7df62115027aa46d810ee23759bc8d64768

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-55ee"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21998
pp_naturalsearch.js
www.alternativa.pp.ua/Confirm_files/
1 KB
1 KB
Script
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/pp_naturalsearch.js
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
682206f21497106150a7d916deeeb50b75249e2a42ea9fe54c02ab4da24f0ec2

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-570"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1392
pp_jscode_080706.js
www.alternativa.pp.ua/Confirm_files/
28 KB
28 KB
Script
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/pp_jscode_080706.js
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
c65023d55c383d81386211859b6e58cbc723abd7f32dc060f6acd4b5ad06e5e9

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-6f1a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28442
s45266947164694.gif
www.alternativa.pp.ua/Confirm_files/
43 B
43 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/s45266947164694.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
whv2_001.js
www.alternativa.pp.ua/Confirm_files/
669 B
669 B
Script
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/whv2_001.js
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
d4b2dc7b27e58e185c603b96b6d2a115f483e0e2ee31e401f72b459aaef964ca

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-29d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
669
visit.gif
www.alternativa.pp.ua/Confirm_files/
85 B
85 B
Image
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/visit.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
148bb6e7cdf1ca5053df6028be0a955ee1ea71402486dc398ac91992c13696e6

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Sat, 11 Apr 2009 09:55:16 GMT
Server
nginx/1.12.1
ETag
"49e06904-55"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85
common.css
www.alternativa.pp.ua/Confirm_files/
0
0
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/common.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
flexible.css
www.alternativa.pp.ua/
0
0
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/flexible.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
start.css
www.alternativa.pp.ua/Confirm_files/
0
0
Stylesheet
General
Full URL
http://www.alternativa.pp.ua/Confirm_files/start.css
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:01 GMT
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
btn_main_1x50.gif
www.alternativa.pp.ua/en_US/i/btn/
317 B
0
Image
General
Full URL
http://www.alternativa.pp.ua/en_US/i/btn/btn_main_1x50.gif
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
188.120.245.188 , Russian Federation, ASN29182 (ISPSYSTEM-AS ISPsystem Autonomous System, LU),
Reverse DNS
for-ns.ru
Software
nginx/1.12.1 /
Resource Hash
7c1cd2e59b62996048a8571c214be59acb279ad0f5ed2317bf74b5cf317aae04

Request headers

Referer
http://www.alternativa.pp.ua/Confirm_files/flowSignUpQuickHits.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
visit.gif
visit.webhosting.yahoo.com/
85 B
85 B
Image
General
Full URL
http://visit.webhosting.yahoo.com/visit.gif?&r=&b=Netscape%205.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20HeadlessChrome/59.0.3071.115%20Safari/537.36&s=1600x1200&o=Linux%20x86_64&c=24&j=false&v=1.2
Requested by
Host: www.alternativa.pp.ua
URL: http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
Protocol
HTTP/1.1
Server
98.138.79.19 Sunnyvale, United States, ASN36646 (YAHOO-NE1 - Yahoo, US),
Reverse DNS
mgrats.geo.vip.ne1.yahoo.com
Software
ATS /
Resource Hash
148bb6e7cdf1ca5053df6028be0a955ee1ea71402486dc398ac91992c13696e6

Request headers

Referer
http://www.alternativa.pp.ua/www.paypal.com.account.restore.htm
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 09 Aug 2017 19:30:02 GMT
Last-Modified
Mon, 22 May 2017 19:11:37 GMT
Server
ATS
Age
0
P3P
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
85

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

visit.webhosting.yahoo.com
www.alternativa.pp.ua
188.120.245.188
98.138.79.19