vkttm.uz Open in urlscan Pro
91.212.89.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://europreven.es/admins/cssx/
Effective URL:
http://vkttm.uz/wp-includes/ID4/particulares
Submission: On March 03 via manual (March 3rd 2020, 6:14:58 am UTC) from ES

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 91.212.89.68, located in Uzbekistan and belongs to UZINFOCOM, UZ. The main domain is vkttm.uz.

This is the only time vkttm.uz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	176.28.115.145 176.28.115.145	16371 (ACENS_AS ...) (ACENS_AS (Spain) Hosting)
1 15	91.212.89.68 91.212.89.68	48979 (UZINFOCOM) (UZINFOCOM)
14	1

2 176.28.115.145 (Spain) 2 redirects

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: balanceo1.cloud-services.es

europreven.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.europreven.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 91.212.89.68 (Uzbekistan) 1 redirects

ASN48979 (UZINFOCOM, UZ)
PTR: ns4.uzinfocom.uz

vkttm.uz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	vkttm.uz 1 redirects vkttm.uz	514 KB
2	europreven.es 2 redirects europreven.es www.europreven.es	603 B
14	2

	Domain	Requested by
15	vkttm.uz	1 redirects vkttm.uz
1	www.europreven.es	1 redirects
1	europreven.es	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://vkttm.uz/wp-includes/ID4/particulares
Frame ID: 54C622948028CD44DE7D64117B7122B4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://europreven.es/admins/cssx/ HTTP 301
https://www.europreven.es/admins/cssx/ HTTP 302
http://vkttm.uz/wp-includes/ID4/ HTTP 302
http://vkttm.uz/wp-includes/ID4/particulares Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /angular.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

2
Countries

514 kB
Transfer

1151 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://europreven.es/admins/cssx/ HTTP 301
https://www.europreven.es/admins/cssx/ HTTP 302
http://vkttm.uz/wp-includes/ID4/ HTTP 302
http://vkttm.uz/wp-includes/ID4/particulares Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set particulares Show response vkttm.uz/wp-includes/ID4/ Redirect Chain https://europreven.es/admins/cssx/ https://www.europreven.es/admins/cssx/ http://vkttm.uz/wp-includes/ID4/ http://vkttm.uz/wp-includes/ID4/particulares	12 KB 4 KB	430ms 429ms	Document text/html	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PHP/7.1.33 PleskLin Resource Hash `7560e203d51b1118270cb51cb43eaa944a863aaa0fd14f2d78820e00e0b9e765` Request headers Host vkttm.uz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx Date Tue, 03 Mar 2020 06:15:13 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.1.33 PleskLin Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=bvcfpirjstcetctsa63julcmq3; path=/; HttpOnly Content-Encoding gzip Redirect headers Server nginx Date Tue, 03 Mar 2020 06:15:12 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive X-Powered-By PHP/7.1.33 PleskLin Location particulares
GET H/1.1	200 OK	main.a5beaad1.css vkttm.uz/wp-includes/ID4/style//	314 KB 53 KB	116ms 115ms	Stylesheet text/css	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `65b5e9af6fe2f36bf2978fb062ac3f0844156e1b4880c01f615fba2354ddfa87` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-4e9fe" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	angular.min.js Show response vkttm.uz/wp-includes/ID4/style/js/	163 KB 63 KB	219ms 205ms	Script text/javascript	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style/js/angular.min.js Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-28cdb" Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	jquery.min.js Show response vkttm.uz/wp-includes/ID4/style/js/	286 KB 93 KB	221ms 206ms	Script text/javascript	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-478d0" Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	jquery.validate.min.js Show response vkttm.uz/wp-includes/ID4/style/js/	49 KB 15 KB	219ms 204ms	Script text/javascript	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style/js/jquery.validate.min.js Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `ce0fe7f95d80802ce6db03b2d255ca1878f0f4be17048aaed326946d30804b61` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-c3f1" Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	200 OK	jquery.mask.js Show response vkttm.uz/wp-includes/ID4/style/js/	18 KB 5 KB	220ms 205ms	Script text/javascript	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style/js/jquery.mask.js Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-47fe" Transfer-Encoding chunked Content-Type text/javascript Connection keep-alive
GET H/1.1	404 Not Found	smarbannerimg.png vkttm.uz/wp-includes/ID4/images/	1023 B 1023 B	234ms 219ms	Image text/html	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Show image Full URL http://vkttm.uz/wp-includes/ID4/images/smarbannerimg.png Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/particulares Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / Resource Hash `f146500777e9ef29ccc6c56c0ec65c57c1654ee72cad82753c05efae6d826fba` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Tue, 06 Mar 2018 11:35:45 GMT Server nginx ETag W/"8c37cd-3ff-566bcd7e92e5d" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	200 OK	spring_afternoon_p.jpg vkttm.uz/wp-includes/ID4/style/	93 KB 93 KB	121ms 120ms	Image image/jpeg	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Show image Full URL http://vkttm.uz/wp-includes/ID4/style/spring_afternoon_p.jpg Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `34444af0a9d9d62ab7da2c6746f67248ceff50fa8450efadf2f2cf267a4d6332` Request headers Referer http://vkttm.uz/wp-includes/ID4/particulares User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag "5e5d1ec7-173fc" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 95228
GET H/1.1	200 OK	ico3.ttf vkttm.uz/wp-includes/ID4/style//	41 KB 25 KB	111ms 110ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//ico3.ttf Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `1845ede5d9bfae1cae119fe3a69e89ab429421712ad1623c5fbc8f29e7146366` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-a560" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive
GET H/1.1	200 OK	ico.ttf vkttm.uz/wp-includes/ID4/style//	27 KB 16 KB	110ms 109ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//ico.ttf?xshdhgx Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `ee25342f45423d2d69e15fdfda470f1dc1fa575087642ee7cab540cd28fe9055` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-6dd0" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive
GET H/1.1	200 OK	Lato-Regular.woff vkttm.uz/wp-includes/ID4/style//	37 KB 37 KB	110ms 110ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//Lato-Regular.woff Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `34a85643617aca507bef2c232955d2b27a131b39dd8cff33d567148024e7b460` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-9368" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive
GET H/1.1	200 OK	Lato-Light.woff vkttm.uz/wp-includes/ID4/style//	35 KB 34 KB	121ms 121ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//Lato-Light.woff Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `47378272154e50107f0f3ffa755ca6fcd1495fdc931e922f880d7240f998029c` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-8ba4" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive
GET H/1.1	200 OK	Lato-Semibold.woff vkttm.uz/wp-includes/ID4/style//	38 KB 38 KB	112ms 111ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//Lato-Semibold.woff Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `15f0dbfdc7e0142e35e0cfad279b9162494ebe5d2d2f0dcd19b079c4e4a48682` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:13 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-9690" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive
GET H/1.1	200 OK	Lato-Bold.woff vkttm.uz/wp-includes/ID4/style//	36 KB 36 KB	314ms 110ms	Font application/octet-stream	91.212.89.68 UZINFOCOM
General Check archive.org Show headers Download Go to Full URL http://vkttm.uz/wp-includes/ID4/style//Lato-Bold.woff Requested by Host: vkttm.uz URL: http://vkttm.uz/wp-includes/ID4/style/js/jquery.min.js Protocol HTTP/1.1 Server 91.212.89.68 , Uzbekistan, ASN48979 (UZINFOCOM, UZ), Reverse DNS ns4.uzinfocom.uz Software nginx / PleskLin Resource Hash `8194873b3cd30305dda0b8b5e8db89e48a977f086b7f22781f2e53e34fe362e5` Request headers Origin http://vkttm.uz Referer http://vkttm.uz/wp-includes/ID4/style//main.a5beaad1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Mar 2020 06:15:14 GMT Content-Encoding gzip Last-Modified Mon, 02 Mar 2020 14:57:11 GMT Server nginx X-Powered-By PleskLin ETag W/"5e5d1ec7-9038" Transfer-Encoding chunked Content-Type text/plain Connection keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vkttm.uz/	1969-12-31 23:59:59	Name: PHPSESSID Value: bvcfpirjstcetctsa63julcmq3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

europreven.es
vkttm.uz
www.europreven.es
176.28.115.145
91.212.89.68
15f0dbfdc7e0142e35e0cfad279b9162494ebe5d2d2f0dcd19b079c4e4a48682
1845ede5d9bfae1cae119fe3a69e89ab429421712ad1623c5fbc8f29e7146366
34444af0a9d9d62ab7da2c6746f67248ceff50fa8450efadf2f2cf267a4d6332
34a85643617aca507bef2c232955d2b27a131b39dd8cff33d567148024e7b460
47378272154e50107f0f3ffa755ca6fcd1495fdc931e922f880d7240f998029c
65b5e9af6fe2f36bf2978fb062ac3f0844156e1b4880c01f615fba2354ddfa87
692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d
7560e203d51b1118270cb51cb43eaa944a863aaa0fd14f2d78820e00e0b9e765
8194873b3cd30305dda0b8b5e8db89e48a977f086b7f22781f2e53e34fe362e5
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
ce0fe7f95d80802ce6db03b2d255ca1878f0f4be17048aaed326946d30804b61
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
ee25342f45423d2d69e15fdfda470f1dc1fa575087642ee7cab540cd28fe9055
f146500777e9ef29ccc6c56c0ec65c57c1654ee72cad82753c05efae6d826fba

vkttm.uz Open in urlscan Pro 91.212.89.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

1 IPs

2 Countries

514 kBTransfer

1151 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Indicators

vkttm.uz Open in urlscan Pro
91.212.89.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

2
Countries

514 kB
Transfer

1151 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!