pakersi-pl.cloud
2606:4700:3033::6815:3f36  Malicious Activity! Public Scan

URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Submission: On September 30 via api from JP — Scanned from JP

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::6815:3f36, located in United States and belongs to CLOUDFLARENET, US. The main domain is pakersi-pl.cloud.
TLS certificate: Issued by E1 on September 27th 2022. Valid for: 3 months.
This is the only time pakersi-pl.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

IP Address / AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
11 1

Apex Domain / Subdomains / Transfer
11 pakersi-pl.cloud / pakersi-pl.cloud / 646 KB
11 1

Domain / Requested by
11 pakersi-pl.cloud / pakersi-pl.cloud
11 1

This site contains no links.

Subject: *.pakersi-pl.cloud
Issuer: E1
Validity: 2022-09-27 - 2022-12-26
Valid: 3 months

This page contains 1 frames:

Primary Page: https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Frame ID: CD99F0A419ADA165BF1D7546C829169A
Requests: 11 HTTP requests in this frame

Page Title

PayU

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11 Requests
100 % HTTPS
100 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
646 kB Transfer
740 kB Size
7 Cookies

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3du48A
pakersi-pl.cloud/6g028iToCWgQtAbj/
13 KB
4 KB
Document
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
4a097c2d3d05bd64e26d00d61f9b82c4c38b9d1074138f0405721738b70dce40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
752a578df8a52059-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 04:51:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1R3CubaDeEs1KM0Fju8USxlpcH%2FxrZkTPbiRFcTSOty%2F1%2B8%2F23PVqWTbkUlK6rAdtzT%2Bzklbyxl%2B5A5fqnsQr0gQyTZVpy%2BbuwN7v0OfNx5yJ34gtO1P4KoTFWqrsD0UynrKPDeACVmeM5KbNUH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
c81d7f4c61978503f820f6fb0a0479b52.css
pakersi-pl.cloud/6g028iToCWgQtAbj/css/
38 KB
10 KB
Stylesheet
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
da48cfd5069dedfac0ac5723904cdc34a5a5ff27f9e0a34510e0b5a9a1ab83e8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 04:51:12 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ifq2ID7n0kYbmUP54dtPVKy2gdRO1XV3eI3aCDY9hSy6NHM%2BRSuAC7fZziMl8NAJ3tHuwXynyvqF1StDT%2Fuf6tZecW6DfTDXUfbEPFxJOR%2FcxORK%2BRmG%2FlUsEDcX57TtBg%2BAtsaGy5Wl7n2xSw5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
752a57918b182059-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.js
pakersi-pl.cloud/6g028iToCWgQtAbj/
86 KB
31 KB
Script
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/jquery.js
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:51:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 15:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6325edde-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBHl6F1uf1UQjX7IMnX4WAWRM%2BDWlr4r8Tj7YMaiHpHm4cY1%2BTKU0MpbWqd8rEuCK151NNdWZXoaIcEzYs5C7uGXhlnzMpp2XW6%2FTl%2Fcodz4G9x7efgcoI9ql6e6bKtBqGxNPiusfKv0VLKpk1Cx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
752a57918b1b2059-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
92a5d7e759e97a7c14b2c37ae1d65be5.jpg
pakersi-pl.cloud/6g028iToCWgQtAbj/css/
59 KB
60 KB
Image
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/92a5d7e759e97a7c14b2c37ae1d65be5.jpg
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
c021fca6eaa6c32a687dee0b4c6a04ef9798606c87d7ef7c95b3f594930a6d9c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 04:51:13 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHvckIYD9SzqIbsObdW45ICXsc6g%2BLNz265JCibd6L4UDcH6rnFmyQZrzxmrmzBLWDLJ5OrAHsO6vF4yqlCrkqxbXiQxa3NxJZJJozKcOfj9T7qYHrTHNUzEY3Jgd6GvB5hvwvnpK9t74fQq8ezH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
752a57976c278a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
5432b3c3c7b2bdf2bce92b2ce338b674.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/
5 KB
6 KB
Image
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/5432b3c3c7b2bdf2bce92b2ce338b674.png
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ea50a995d4e2c0c86156bbc4c23ae8f0568a2dc86e8aeca9d7b8518a4538963b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 04:51:13 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0xSMeWbX3gOlMf1hxHEC5h1O0WueT54mjpElUZ8vKVp80DUgXdG3LD42xA%2BASqT88jNWA8oAZWwt%2B9U5Y4NM6XzhClUAWdGG7H3GxLiU%2F1WSYePqoVmGYa%2BHWdCAYiWryBJhjYFPftDp%2F50iIlF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
752a57976c288a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5442
expires
Thu, 19 Nov 1981 08:52:00 GMT
8883f7a587e65eefe5066bc76890e0b9.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/
135 KB
135 KB
Image
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/8883f7a587e65eefe5066bc76890e0b9.png
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ca4d68366ad9285dd9892e94c3de926aff69f972aaa0b5beb5b892393e2627ec

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 04:51:13 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNdkH9LClj6OhiiggHYno5EXfGncKLOs3ZnvZp047GDQGSct%2FS9%2FTVpKup%2FCpCC5wBnio5mAg6chcFRy8oXds36iO7oA8weMIYLC%2FAsDuwO20x1b83ETsarQfMxtOE19hsmu1h8FZ4rFAiGs6%2BJU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
752a57976c298a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
de83b2b5db7361102f08e7b085d1c497.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/
1 KB
2 KB
Image
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/de83b2b5db7361102f08e7b085d1c497.png
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
dfc6ae98069bde2789c145cf60ace6375d4fdeb8a52e07968a3218f98e98bf98

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 04:51:13 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oEGtqriZmfzM%2Ff%2BQTIZHBYVa7O4%2FOm1nPIA6aDapeO0RQydBqcrcrKaB0kDPmkWiYYjoe1zvvdgw3Cs%2BTcGi583AomF7lQiFcP7cAYVs%2B7cJFVm9Rowl8LiRb0diyYwwXjeqCEGaB%2FyZ2vF9Y90"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
752a57976c2a8a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1393
expires
Thu, 19 Nov 1981 08:52:00 GMT
opensans-regular-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/
87 KB
88 KB
Font
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/opensans-regular-webfont.woff
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1

Request headers

Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Origin
https://pakersi-pl.cloud
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:51:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 15:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15de8-5e8e180dc976a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7wf1QFh%2BuiFADrXPMzlMEyZ3%2FNHCn2dsBzA%2FhcNGvPZuBEzz0ViVBhS7lSjBuhpFXrZk%2BeS3Nd71qTrKP2ikif%2FBqgYSzC5wtETkepnQDAYg7DfdqGCuUcTPhGJKzaMtjDBZRwTvkMGWrW6sJR4"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
752a57976c2b8a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
opensans-light-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/
84 KB
85 KB
Font
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/opensans-light-webfont.woff
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab

Request headers

Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Origin
https://pakersi-pl.cloud
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:51:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 15:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15000-5e8e180dc8bb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KymswQxxeVmM4JUwSL1WWmbp8SYkbI5cNovqxWIqHJu8azjZ4bJg9Wi7W5546dV8OsVQdGwHh7kwODoTOf%2FUVKhDZ7obagUNjIRqMUmn0fuwg4jvnZgAy64SkePqr8ewZXSSr31WHoY9zx9CxjRT"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
752a57977c308a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
opensans-semibold-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/
89 KB
90 KB
Font
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/opensans-semibold-webfont.woff
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae

Request headers

Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Origin
https://pakersi-pl.cloud
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:51:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 15:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16420-5e8e180dca322"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM0%2Fm4dOzjbtwmXhjMYLl%2BfBnfyQ8WEO1ZXXAKV%2Ft7yiwBSTWEMkkeTA23OdwpczPWaNLYktr%2BPAO%2FgAL7a3QLq%2B2tWc3ukaSgLbG%2BGwfNKXyUztR5lds7wf%2FGa911lfvi6PDPPXzX0gvgTwmlTV"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
752a57977c318a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
PFBeauSansPro-Bold.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/
142 KB
136 KB
Font
General
Full URL
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/PFBeauSansPro-Bold.woff
Requested by
Host: pakersi-pl.cloud
URL: https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8

Request headers

Referer
https://pakersi-pl.cloud/6g028iToCWgQtAbj/css/c81d7f4c61978503f820f6fb0a0479b52.css
Origin
https://pakersi-pl.cloud
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 04:51:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 15:55:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2374c-5e8e180dcc64a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjaYjva75eqSIrQcSBQUpM5%2B7l1Lzx%2FKYSMVZR7mTkSrmycdKbhxncvwaQnDkfKZtax9tRscSZwqLQ%2FWhxx9P%2BkaOCNNI2fp5eUpUBaEJmQYmq4ImQ8%2B2N5tezj19aj0Bp2HpWpBkc975dYjCFQo"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
752a57977c328a60-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • object| y2302c4ce
  • function| online

7 Cookies

Domain/Path Name / Value
pakersi-pl.cloud/6g028iToCWgQtAbj Name: a1b8f4b55de5d0fa4518e128d36585a4
Value: 2811923897
pakersi-pl.cloud/6g028iToCWgQtAbj Name: 666e5e39d3555a00f6e9dcf49b964b90
Value: 4100505570
pakersi-pl.cloud/6g028iToCWgQtAbj Name: cd0b5790aa8f1de0a7bec9ef3e1ae8e4
Value: 1634433973
pakersi-pl.cloud/6g028iToCWgQtAbj Name: df878eb9c3d9ee3c69c2cc7249918d77
Value: 2342099864
pakersi-pl.cloud/6g028iToCWgQtAbj Name: 00409d4f0676c83e3bb7c3e78eda49d6
Value: 1438307689
pakersi-pl.cloud/6g028iToCWgQtAbj Name: df990fa782a9be4a6e230b8d2de1c631
Value: 4117578903
pakersi-pl.cloud/ Name: PHPSESSID
Value: d84nqj5d353gnm8lcd36ucp9f3