www.panaceumgabinety.pl
Open in
urlscan Pro
88.198.241.36
Malicious Activity!
Public Scan
URL:
http://www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/
Submission: On August 24 via automatic, source openphish
Submission: On August 24 via automatic, source openphish
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 8 HTTP transactions.
The main IP is 88.198.241.36, located in
Germany and
belongs to HETZNER-AS, DE.
The main domain is www.panaceumgabinety.pl.
This is the only time www.panaceumgabinety.pl was scanned on urlscan.io!
This is the only time www.panaceumgabinety.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Banking (Banking) Chase (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 8 | 88.198.241.36 88.198.241.36 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 8 | 1 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
panaceumgabinety.pl
www.panaceumgabinety.pl |
132 KB |
| 8 | 1 |
| Domain | Requested by | |
|---|---|---|
| 8 | www.panaceumgabinety.pl |
www.panaceumgabinety.pl
|
| 8 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/
Frame ID: 6957.1
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/ |
9 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
anon.js
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
log.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
94 KB 94 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demo.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sss.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
confirmacc.png
www.panaceumgabinety.pl/wp-admin/chase/d4e42f36406792bd913ff5d60d97c97e/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Banking (Banking) Chase (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.panaceumgabinety.pl
88.198.241.36
040cfa49f8d0b1472749bec545ae0e0a81f6faa42a8beb51ce98259a9090b59c
3f73e68e19848f01f7d73527045daf9bd1ab75aa5e55970c5a46c0f81112e583
60af457dc2128441ce50dbb9b213d133dc57471f5db7184da8f3c051885d6599
61d72488b597b64396b1cca9e6d3b3e37473d014e48f29d810da8ad3b55a6442
7e8d04e1f7241e07de3b83d958ef0cfd8cb70b1cb73435c31e7c56fedecec63e
b611a94bcbc47bd1ca5e1428799bbff4adac65ca466ff0363c4442bdd294386e
cb26bd8709b19da0321daa6e0cc9e6da48c76acb2fd973091584f4e783ef8659
ec7a745cc8a839c632a330e8899146f062ea38822f3c360af1d448e401e0773e