ww.paczkydpd.com Open in urlscan Pro
2606:4700:3033::6818:64dd Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ
Submission: On October 29 via api (October 29th 2020, 9:11:48 pm UTC) from PL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6818:64dd, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww.paczkydpd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.

This is the only time ww.paczkydpd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address		AS Autonomous System
13	2606:4700:303... 2606:4700:3033::6818:64dd		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	1

13 2606:4700:3033::6818:64dd (United States)

ASN13335 (CLOUDFLARENET, US)

ww.paczkydpd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	paczkydpd.com ww.paczkydpd.com	643 KB
13	1

	Domain	Requested by
13	ww.paczkydpd.com	ww.paczkydpd.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-29` - `2021-10-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ
Frame ID: EACF76B6ECA98123231BEA1B6CE4A9AD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

643 kB
Transfer

741 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MjFwBJ Show response ww.paczkydpd.com/Z794bz9lRrf/	13 KB 4 KB	200ms 176ms	Document text/html	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `7849c12caa2bf7083b462b55d4b75fe55f73187f3ec518e841a7a55069ddb683` Request headers :method GET :authority ww.paczkydpd.com :scheme https :path /Z794bz9lRrf/MjFwBJ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 29 Oct 2020 21:11:31 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d3a815f2947efdf0efb8e4f1a3927dcbd1604005891; expires=Sat, 28-Nov-20 21:11:31 GMT; path=/; domain=.paczkydpd.com; HttpOnly; SameSite=Lax PHPSESSID=hespguunafivel90g5n7d8ced2; path=/ cc5a2535dbd070b58bb1e037ca1b07b3=2392823960; expires=Thu, 29-Oct-2020 22:06:12 GMT 7d3885e833e955e0330c5e1ff27571a8=1368089407; expires=Thu, 29-Oct-2020 22:06:58 GMT bb38a4fbdaf2ebf5e8ddf4f25d30c414=2055338133; expires=Thu, 29-Oct-2020 22:14:12 GMT 232196810447aef27ef95e38bccd5f8f=3199649503; expires=Thu, 29-Oct-2020 22:07:18 GMT daaac68572451bd4e6fa27ae492cf420=3885723151; expires=Thu, 29-Oct-2020 22:06:47 GMT 3480a6767866640c822a00d4c5ee56b5=421428973; expires=Thu, 29-Oct-2020 22:11:25 GMT vary Accept-Encoding x-powered-by PHP/5.4.16 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache cf-cache-status DYNAMIC cf-request-id 0617cca5b00000074202b27000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R11PHyylDxTZK3iJKSqiNwP4r1ixcktu6ZY9ne0B9yetdM0VWh1pZY1Bfw7ufYqbL7BOt18VTGJn5G8hvNOwCh3oWoskiv%2FakwpaZvNsFaMY5g8fdk22CQDFCoyc"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e9fe3b5eb750742-FRA content-encoding br
GET H2	200	c6c5c08148643c09c160dc5e4c72cc21c.css ww.paczkydpd.com/Z794bz9lRrf/css/	38 KB 9 KB	64ms 63ms	Stylesheet text/css	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `373a9dfada270ded30226322350d1e2a8e6c34c38c310d75b6cf4a7b9b24274b` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/5.4.16 status 200 cf-request-id 0617cca666000007423b873000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ISAwUbRUNOeTrAH9z1ffXoO4RA6sepUZpszq3HCyh7d4Ot5hjSbNkhf9lw80JHPIe5OuuH9KO%2BQk1iunlxBokepQl7kCIrIqlk%2BnW5G7fmOdMp0RmthV70hlsqsM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5e9fe3b70e7b0742-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery.js Show response ww.paczkydpd.com/Z794bz9lRrf/	86 KB 30 KB	20ms 20ms	Script application/javascript	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/jquery.js Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4179 status 200 cf-request-id 0617cca666000007422c210000000001 last-modified Thu, 29 Oct 2020 17:37:03 GMT server cloudflare etag W/"5f9afdbf-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FAQVn%2Fdlo2ACz8zXIF5LZ%2Frq44Bc%2Fywv2ji5W09HO710Ye%2FCOF6MRAcFfmjIk7RtYGYrQTyuSHPLa%2BSRjM4uXaC6hUqWiZyJCSVK5I000zcwjwcGJF7H8jrgRoOt"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 5e9fe3b70e800742-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	a1b701877b9ef0cdd01da3f1b8712b1d.jpg ww.paczkydpd.com/Z794bz9lRrf/css/	59 KB 60 KB	68ms 68ms	Image image/jpeg	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/a1b701877b9ef0cdd01da3f1b8712b1d.jpg Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `8f667283984aeb95f0b04701331ca8dc8c6a33d68e939b42e80ad53e9f76c830` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 29 Oct 2020 21:11:31 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RVp8OaNnteV6hEoGp9IyLyKuYyDEtZzBcBQtcgMSvj17XOGYb1xef6oOHQiGkTcQhJWN6qVcF1SpqqgnW8oAfWUJj2aUywDvArzN9hF%2BaXjIj41hXe1NXchpLDWf"}],"group":"cf-nel","max_age":604800} content-type image/jpeg status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5e9fe3b78faf0742-FRA cf-request-id 0617cca6b100000742199e5000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	b2a436a97ea05c09da435d5d3ec89aed.png ww.paczkydpd.com/Z794bz9lRrf/css/	5 KB 6 KB	68ms 67ms	Image image/png	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/b2a436a97ea05c09da435d5d3ec89aed.png Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `1774194473bf08809713c9e71807684f1557cf263913978ed6d03235f00e2586` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/5.4.16 status 200 content-length 5442 cf-request-id 0617cca6b10000074214988000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gbpHpouFodSrChNyY2OKyR5H9PXl3NZVbUsR%2BtuLgOBpyaR%2BFGZe0eb9ngg7aaAQ5fwIIq3TvPOtoneMN77IThWXkFksjqDEWhJrRjCCNkQhkjKlXNzpl8lOaAJI"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes cf-ray 5e9fe3b78fb30742-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	e3f7249091527d51be8707d232893ada.png ww.paczkydpd.com/Z794bz9lRrf/css/	135 KB 135 KB	54ms 54ms	Image image/png	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/e3f7249091527d51be8707d232893ada.png Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `5b64c4e11bec961bc2da51713f7e53573b3740b98bf7970ba8d607892754feec` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 29 Oct 2020 21:11:31 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BTlLReND7IQnvQ4wHRJSWJ%2BI5u8QI10wvtAIIZ9%2F4Aw47xJzTo2IdS%2Bmxt%2FS3KKxJqqWiARrO3dAy%2FRgeaw%2Ff%2FCAJQy67bGAWjr0fbONyq5WexK0Het49Mk%2FU7yy"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5e9fe3b78fb60742-FRA cf-request-id 0617cca6b100000742eab4a000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	50adfe48e2a41a5c252d26b0b969ca76.png ww.paczkydpd.com/Z794bz9lRrf/css/	1 KB 2 KB	66ms 66ms	Image image/png	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/50adfe48e2a41a5c252d26b0b969ca76.png Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `727934417bb065a144ebb17d9351d56a69cf1422d81ff7d70477a0543e2c07a5` Request headers Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/5.4.16 status 200 content-length 1393 cf-request-id 0617cca6b2000007422729d000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IeHClq%2BS%2BLcjed0Vn9SWCKtNQ5qsHE9KKdb%2F8pWnP4yt7f%2FBKUsaX3NMVBr%2BzLmx5qh1Dl4llvJ4%2FHvccS5sj6okFBVFkljaODOtfhkA8te%2FIDloq2fwK%2FPXxr3J"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes cf-ray 5e9fe3b78fb80742-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	opensans-regular-webfont.woff ww.paczkydpd.com/Z794bz9lRrf/css/fonts/	87 KB 88 KB	17ms 17ms	Font application/font-woff	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/fonts/opensans-regular-webfont.woff Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1` Request headers Origin https://ww.paczkydpd.com Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4178 status 200 cf-request-id 0617cca6b6000007422c218000000001 last-modified Thu, 29 Oct 2020 17:37:03 GMT server cloudflare etag W/"15de8-5b2d2ba67e454" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vmg%2Foeeb19xhwfh3AB7dGHL9d0AWCFQ0fzmpbEvoVj3QnN6JMrHvkzDug9uR1JfvfNiYDrzP3Pt1gbtS1e5X%2B87NSkOcYYA2TdztmfxS9Ds8SKokD1V2MalSxOTu"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 5e9fe3b78fd30742-FRA
GET H2	200	opensans-light-webfont.woff ww.paczkydpd.com/Z794bz9lRrf/css/fonts/	84 KB 84 KB	25ms 24ms	Font application/font-woff	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/fonts/opensans-light-webfont.woff Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab` Request headers Origin https://ww.paczkydpd.com Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4178 status 200 cf-request-id 0617cca6ba0000074200a65000000001 last-modified Thu, 29 Oct 2020 17:37:03 GMT server cloudflare etag W/"15000-5b2d2ba67d4b4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vr%2BRIohr6uuVK1dBlMrfaxvy8GNzjbFrnLHkMnb8XsX%2FMMSOHLYpGs9X9Kqs4NYNvJLYzqjBAmqYL1POljZEPoQb3F3slQ81Ntegbpwcw8OiJqnP3E%2Fn38MLCeh"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 5e9fe3b78fde0742-FRA
GET H2	200	opensans-semibold-webfont.woff ww.paczkydpd.com/Z794bz9lRrf/css/fonts/	89 KB 89 KB	20ms 19ms	Font application/font-woff	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/fonts/opensans-semibold-webfont.woff Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae` Request headers Origin https://ww.paczkydpd.com Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4178 status 200 cf-request-id 0617cca6ba00000742eab4d000000001 last-modified Thu, 29 Oct 2020 17:37:03 GMT server cloudflare etag W/"16420-5b2d2ba67f00c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WcL%2B5cEYRAIS1rHbu2O6i0pyeNvbCB8ZDgBYakH7hjJcEqBWa8Cks5AuE7yT6zQl6D7%2F0%2FTi4opvNUwi5MYhR5zGgAzGnAGNrE9uaBCQCIfu1y%2BuM7%2BDZJyazWHv"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 5e9fe3b78fdf0742-FRA
GET H2	200	PFBeauSansPro-Bold.woff ww.paczkydpd.com/Z794bz9lRrf/css/fonts/	142 KB 136 KB	20ms 20ms	Font application/font-woff	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/css/fonts/PFBeauSansPro-Bold.woff Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8` Request headers Origin https://ww.paczkydpd.com Referer https://ww.paczkydpd.com/Z794bz9lRrf/css/c6c5c08148643c09c160dc5e4c72cc21c.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 21:11:31 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4178 status 200 cf-request-id 0617cca6ba00000742d52c5000000001 last-modified Thu, 29 Oct 2020 17:37:03 GMT server cloudflare etag W/"2374c-5b2d2ba68171c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tGV8H7vlPbXiMt7w%2F%2BP%2FtXOgDTuk83%2FW0XhLskr9ojX8tdcDMr0zLcsb2UYW6t3vJ5YwfwCTf5BuXUwVJJ2KEcFVYLauKIo%2F%2BiEKvTEihmd30qlTeq06b%2Bxyny6H"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 5e9fe3b78fe10742-FRA
POST H2	200	online.php Show response ww.paczkydpd.com/Z794bz9lRrf/	0 484 B	77ms 76ms	XHR text/html	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/online.php Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Thu, 29 Oct 2020 21:11:41 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FCtRn%2FgyZJe%2BXpIylJXz74XIM%2BNfXNN7v0DSa8D9ENn0dptWBQIkHcgB4hgAc5sqK8szB361pyqaGPGsk7tQ2bDI%2BN7%2Boe%2FsFRbNrI%2FUPfyhWgCXaX2Vfd5hOjm4"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5e9fe3f65da40742-FRA cf-request-id 0617cccdf300000742ccbc6000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response ww.paczkydpd.com/Z794bz9lRrf/	0 309 B	107ms 107ms	XHR text/html	2606:4700:3033::6818:64dd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ww.paczkydpd.com/Z794bz9lRrf/online.php Requested by Host: ww.paczkydpd.com URL: https://ww.paczkydpd.com/Z794bz9lRrf/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://ww.paczkydpd.com/Z794bz9lRrf/MjFwBJ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Thu, 29 Oct 2020 21:11:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jJKWy0%2FHxo%2FLOeQFdZcJk57HFqGamiAQM0cR5XrfoQCUddQpdYureqvf5SUJeYYjbvgYqauv%2Fb%2F7pO1UXv%2BG2Al95VTRnuZNQmSfk8xkSo8OU%2FKOlLp6GANl0DFp"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5e9fe4003ffd0742-FRA cf-request-id 0617ccd42000000742da1c4000000001 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paczkydpd.com/	1970-01-19 14:16:37	Name: __cfduid Value: d3a815f2947efdf0efb8e4f1a3927dcbd1604005891
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: 3480a6767866640c822a00d4c5ee56b5 Value: 421428973
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: bb38a4fbdaf2ebf5e8ddf4f25d30c414 Value: 2055338133
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: daaac68572451bd4e6fa27ae492cf420 Value: 3885723151
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: 232196810447aef27ef95e38bccd5f8f Value: 3199649503
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: 7d3885e833e955e0330c5e1ff27571a8 Value: 1368089407
ww.paczkydpd.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hespguunafivel90g5n7d8ced2
ww.paczkydpd.com/Z794bz9lRrf	1970-01-19 13:33:29	Name: cc5a2535dbd070b58bb1e037ca1b07b3 Value: 2392823960

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ww.paczkydpd.com
2606:4700:3033::6818:64dd
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
1774194473bf08809713c9e71807684f1557cf263913978ed6d03235f00e2586
373a9dfada270ded30226322350d1e2a8e6c34c38c310d75b6cf4a7b9b24274b
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
5b64c4e11bec961bc2da51713f7e53573b3740b98bf7970ba8d607892754feec
727934417bb065a144ebb17d9351d56a69cf1422d81ff7d70477a0543e2c07a5
7849c12caa2bf7083b462b55d4b75fe55f73187f3ec518e841a7a55069ddb683
8f667283984aeb95f0b04701331ca8dc8c6a33d68e939b42e80ad53e9f76c830
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ww.paczkydpd.com Open in urlscan Pro 2606:4700:3033::6818:64dd Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

643 kBTransfer

741 kBSize

8 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

8 Cookies

Indicators

ww.paczkydpd.com Open in urlscan Pro
2606:4700:3033::6818:64dd Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

643 kB
Transfer

741 kB
Size

8
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!