zppwpailkq.cfolks.pl
Open in
urlscan Pro
185.208.164.58
Malicious Activity!
Public Scan
Effective URL: https://zppwpailkq.cfolks.pl/ar/web/login.php
Submission: On September 30 via manual from IT — Scanned from AT
Summary
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 25th 2024. Valid for: a year.
This is the only time zppwpailkq.cfolks.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aruba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 172.67.69.88 172.67.69.88 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 162.0.209.240 162.0.209.240 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
2 32 | 185.208.164.58 185.208.164.58 | 41079 (CF-GDA) (CF-GDA) | |
1 | 142.250.186.106 142.250.186.106 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.186.67 142.250.186.67 | 15169 (GOOGLE) (GOOGLE) | |
35 | 4 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business99-3.web-hosting.com
vshorturl.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
cfolks.pl
2 redirects
zppwpailkq.cfolks.pl |
157 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
shorturl.at
2 redirects
shorturl.at — Cisco Umbrella Rank: 67962 www.shorturl.at — Cisco Umbrella Rank: 76894 |
1 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
853 B |
1 |
vshorturl.com
1 redirects
vshorturl.com |
1 KB |
35 | 5 |
Domain | Requested by | |
---|---|---|
32 | zppwpailkq.cfolks.pl |
2 redirects
zppwpailkq.cfolks.pl
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
zppwpailkq.cfolks.pl
|
1 | vshorturl.com | 1 redirects |
1 | www.shorturl.at | 1 redirects |
1 | shorturl.at | 1 redirects |
35 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
managehosting.aruba.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cfolks.pl Certum Domain Validation CA SHA2 |
2024-07-25 - 2025-07-25 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-08-26 - 2024-11-18 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-08-26 - 2024-11-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://zppwpailkq.cfolks.pl/ar/web/login.php
Frame ID: AEA4AD5DAD19F8A779FA6194BD414B9C
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Servizio Hosting - Aruba.itPage URL History Show full URLs
-
https://shorturl.at/jULkP
HTTP 301
https://www.shorturl.at/jULkP HTTP 302
https://vshorturl.com/4p0yg HTTP 301
https://zppwpailkq.cfolks.pl/ar/ HTTP 302
https://zppwpailkq.cfolks.pl/ar/web/index.php HTTP 302
https://zppwpailkq.cfolks.pl/ar/web/login.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://shorturl.at/jULkP
HTTP 301
https://www.shorturl.at/jULkP HTTP 302
https://vshorturl.com/4p0yg HTTP 301
https://zppwpailkq.cfolks.pl/ar/ HTTP 302
https://zppwpailkq.cfolks.pl/ar/web/index.php HTTP 302
https://zppwpailkq.cfolks.pl/ar/web/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.php
zppwpailkq.cfolks.pl/ar/web/ Redirect Chain
|
22 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source.css
zppwpailkq.cfolks.pl/ar/web/res/ |
148 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PasswordScaduta_Include.css
zppwpailkq.cfolks.pl/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
back.jpg
zppwpailkq.cfolks.pl/ar/web/res/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info-information-circle.svg
zppwpailkq.cfolks.pl/ar/web/res/ |
822 B 346 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
eye-show.svg
zppwpailkq.cfolks.pl/ar/web/res/ |
2 KB 793 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
eye-hide.svg
zppwpailkq.cfolks.pl/ar/web/res/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main_separatore_5_5.gif
zppwpailkq.cfolks.pl/ar/web/res/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jq.js
zppwpailkq.cfolks.pl/ar/panel/res/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 853 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 96 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-user.png
zppwpailkq.cfolks.pl/ar/web/res/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-headset.png
zppwpailkq.cfolks.pl/ar/web/res/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
spy.php
zppwpailkq.cfolks.pl/ar/web/ |
0 36 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
zppwpailkq.cfolks.pl/ |
10 KB 3 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 23 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 36 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 44 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 36 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 13 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
1 B 21 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
processor.php
zppwpailkq.cfolks.pl/ar/panel/classes/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- zppwpailkq.cfolks.pl
- URL
- https://zppwpailkq.cfolks.pl/ar/panel/classes/processor.php
- Domain
- zppwpailkq.cfolks.pl
- URL
- https://zppwpailkq.cfolks.pl/ar/panel/classes/processor.php
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aruba (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| targets string| redirect function| clearRedirections3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vshorturl.com/ | Name: XSRF-TOKEN Value: eyJpdiI6InlqSUw0MzNLMm45QkYrcThWcE0wbmc9PSIsInZhbHVlIjoiMXJvak5VaWQrYkxCZGJxS1N3T2VkbmgxRVh1OG9LeWNESzIrdGZJS252V3I3S0xIL0ozb1BJcGN1Z05VbE5wbzlqbkJieUdsN3B5eXZxaVlzWEFuNk9JOXExa2E2Z3Z6OVQyMng4S0thZC84UEJJdU1nWU9tb2JOakVabTNkbXMiLCJtYWMiOiI1ZDc3ZGQ5OTNiNzJlZjMxYTFjMGMzMGE5YjM2NGRhNzM1ZWYwNTVmZjViMWVlMDA2OTdmZjFlZGE5YzM5MTE3IiwidGFnIjoiIn0%3D |
|
vshorturl.com/ | Name: phpshort_session Value: eyJpdiI6Ii9MdmZ4ZC9xeG9FRHNUd21WRUcrUVE9PSIsInZhbHVlIjoiak9UL0h1Uy8yRkVNdnhjS3BpUmg3YTMxSFl1WW9Dc3ZpSzJEVlBUeW04dkNBRm5zZHdJczNzOS9YL3lQNnVBU0hQTWpSblVUam4rZklxa0ZadUcyVTkxSCs0MzZkMEw5a01VaVNtY0d2QzZnVXdHS2QxdEM4U256MU80dDJDcXkiLCJtYWMiOiIwNjc4YWU5M2I5MzY1ZGM1ZmZjMTE1NDhmYjA3MWQ2YjRlMzIyM2U1Y2IzMjFjZDgxMDkzNTczNjkyNTMxMDVlIiwidGFnIjoiIn0%3D |
|
zppwpailkq.cfolks.pl/ | Name: PHPSESSID Value: f84ade31dc37a5a7415cd4dd65020d32 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
shorturl.at
vshorturl.com
www.shorturl.at
zppwpailkq.cfolks.pl
zppwpailkq.cfolks.pl
142.250.186.106
142.250.186.67
162.0.209.240
172.67.69.88
185.208.164.58
27a9a24907f8907c98afcf081684fe8fe95f3381ef49ff0d56c9e8e1eb525b6f
29a8f8021089bd7992ba31848989d2fd2cf61ebe778deb54edee6c89386ee644
2fa289bf10d54698c82688afb8590b3a223f074cb381a64f4806a8c5ced577f5
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6676b05ef9626756989d9dbc09608830af666a330ad1bfa12438b9775330c474
6c46bf722fb11c3066171661ece073b58b6ea6c16b00a9d3cc162a6f215b57f1
8e91faa0bf76338d5ae7ac5c911b0414877f9369794b61f9bca6602aa4bd9a00
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a525f163e73542be1b82c5ae4e4beed74d137d56161ac5b02833a279ef6d9b61
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
bcedcafd81248b08cb428b22618a38866d0cee85b4e9ecd27ef734d0533e2792
bcedd8f5b1acb515cecfe911027e6a0dfeb447b4e9c8613f5e4fab67930b7d54
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
fb085a8a374aa587c14d6d3a826ed0b4d28632e14d818dcbcd2207fd19657440