pakersi-pl.cloud
Open in
urlscan Pro
2606:4700:3033::6815:3f36
Malicious Activity!
Public Scan
Submission: On September 30 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by E1 on September 27th 2022. Valid for: 3 months.
This is the only time pakersi-pl.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayU (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2606:4700:303... 2606:4700:3033::6815:3f36 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
pakersi-pl.cloud
pakersi-pl.cloud |
646 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | pakersi-pl.cloud |
pakersi-pl.cloud
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.pakersi-pl.cloud E1 |
2022-09-27 - 2022-12-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Frame ID: CD99F0A419ADA165BF1D7546C829169A
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
3du48A
pakersi-pl.cloud/6g028iToCWgQtAbj/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c81d7f4c61978503f820f6fb0a0479b52.css
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
38 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
pakersi-pl.cloud/6g028iToCWgQtAbj/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
92a5d7e759e97a7c14b2c37ae1d65be5.jpg
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
59 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5432b3c3c7b2bdf2bce92b2ce338b674.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8883f7a587e65eefe5066bc76890e0b9.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
135 KB 135 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
de83b2b5db7361102f08e7b085d1c497.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-regular-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
87 KB 88 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-light-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
84 KB 85 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-semibold-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
89 KB 90 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PFBeauSansPro-Bold.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
142 KB 136 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayU (Financial)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| y2302c4ce function| online7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: a1b8f4b55de5d0fa4518e128d36585a4 Value: 2811923897 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: 666e5e39d3555a00f6e9dcf49b964b90 Value: 4100505570 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: cd0b5790aa8f1de0a7bec9ef3e1ae8e4 Value: 1634433973 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: df878eb9c3d9ee3c69c2cc7249918d77 Value: 2342099864 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: 00409d4f0676c83e3bb7c3e78eda49d6 Value: 1438307689 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: df990fa782a9be4a6e230b8d2de1c631 Value: 4117578903 |
|
pakersi-pl.cloud/ | Name: PHPSESSID Value: d84nqj5d353gnm8lcd36ucp9f3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pakersi-pl.cloud
2606:4700:3033::6815:3f36
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
4a097c2d3d05bd64e26d00d61f9b82c4c38b9d1074138f0405721738b70dce40
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
c021fca6eaa6c32a687dee0b4c6a04ef9798606c87d7ef7c95b3f594930a6d9c
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
ca4d68366ad9285dd9892e94c3de926aff69f972aaa0b5beb5b892393e2627ec
da48cfd5069dedfac0ac5723904cdc34a5a5ff27f9e0a34510e0b5a9a1ab83e8
dfc6ae98069bde2789c145cf60ace6375d4fdeb8a52e07968a3218f98e98bf98
ea50a995d4e2c0c86156bbc4c23ae8f0568a2dc86e8aeca9d7b8518a4538963b