peytel24.net Open in urlscan Pro
2606:4700:3033::681f:41f4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://peytel24.net/3zufUzHXw/4qcoqJ
Submission: On January 06 via automatic, source phishtank (January 6th 2021, 4:49:16 pm UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::681f:41f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is peytel24.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 28th 2020. Valid for: a year.

This is the only time peytel24.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address		AS Autonomous System
13	2606:4700:303... 2606:4700:3033::681f:41f4		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	1

13 2606:4700:3033::681f:41f4 (United States)

ASN13335 (CLOUDFLARENET, US)

peytel24.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	peytel24.net peytel24.net	643 KB
13	1

	Domain	Requested by
13	peytel24.net	peytel24.net
13	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-28` - `2021-12-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://peytel24.net/3zufUzHXw/4qcoqJ
Frame ID: 6E2F638888530B4C803CB9560D657D2C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

643 kB
Transfer

741 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 4qcoqJ Show response peytel24.net/3zufUzHXw/	13 KB 4 KB	178ms 133ms	Document text/html	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/4qcoqJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `8506cd2dfafac514d14f85c3261d2b69c8f0364d875c2a908250eb08b835657e` Request headers :method GET :authority peytel24.net :scheme https :path /3zufUzHXw/4qcoqJ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d656d3a438c18c6aee94fdfcb8bf360181609951737; expires=Fri, 05-Feb-21 16:48:57 GMT; path=/; domain=.peytel24.net; HttpOnly; SameSite=Lax PHPSESSID=i8g03q1l8tf1stvdbaog1sguef; path=/ 2b37cd639592678259fb5e31ac1a912f=1030630731; expires=Wed, 06-Jan-2021 17:46:55 GMT; Max-Age=3477 3a3d4274a7578763f671bde5640199dc=1304270932; expires=Wed, 06-Jan-2021 17:47:12 GMT; Max-Age=3494 ab7dac289decf966f26b27405dbab016=1344374604; expires=Wed, 06-Jan-2021 17:48:31 GMT; Max-Age=3573 e9b00418430c9ad3a7a12508a3288af8=4118657307; expires=Wed, 06-Jan-2021 17:51:32 GMT; Max-Age=3754 vary Accept-Encoding x-powered-by PHP/7.4.7RC1 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC cf-request-id 077a3310610000d6b54ab08000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N4%2BmA0LbbMSafiNM%2F3%2Fv31R2c4MNPbfm3TRvYdb0Rl6%2BC7iOG%2BfmwHouQcOf5MIHQIpzPpLOJ0drDbz0uEKil6rMSAXEIC6NqVm4Fk2nuFCS47bx0T8E1R4%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 60d6edfa39c5d6b5-FRA content-encoding br
GET H2	200	ccd3f82572b102e2cb5e7d27c4fdf49e6.css peytel24.net/3zufUzHXw/css/	38 KB 9 KB	172ms 171ms	Stylesheet text/css	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/4qcoqJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `6b2cfaab6bcab1b4072820a3932694a389b721be062219e01f157d5c677f41b6` Request headers Referer https://peytel24.net/3zufUzHXw/4qcoqJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wQYQSjcH4aITx0y6XUB6CRnjf360uJ%2FBAx12yv%2FmSlMb2lWF8wKxQwRtAE5PbhkuIg18pFnPzasPv%2BrM70VU19xQFoh8FaIyis8Ce1wXV%2FTfOqtmSaOyjPA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 60d6edfb1bead6b5-FRA cf-request-id 077a3310eb0000d6b5010ea000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery.js Show response peytel24.net/3zufUzHXw/	86 KB 30 KB	26ms 25ms	Script application/javascript	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/jquery.js Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/4qcoqJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer https://peytel24.net/3zufUzHXw/4qcoqJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 15220 cf-request-id 077a3310ec0000d6b5feaee000000001 last-modified Fri, 06 Mar 2020 13:17:46 GMT server cloudflare etag W/"5e624d7a-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gx%2FcnLsKZpvti22DwoPoSOu9dPZtKvmx8bUjk6lXZgrG9Zef%2B4w5tqY7JGCXF3s%2FCobwU7rVybGgm2pe%2F1UBIxSO3VWppFpiBy4rA2GzP%2FRvEeYOuG6CADo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 60d6edfb1bebd6b5-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	4a116214598ce19f8d6fd7a8d71d963a.jpg peytel24.net/3zufUzHXw/css/	59 KB 60 KB	113ms 113ms	Image image/jpeg	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peytel24.net/3zufUzHXw/css/4a116214598ce19f8d6fd7a8d71d963a.jpg Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `4c7aa52b46783e62dc86890aebc03c00f9d837ff7accddef368e050db5589c31` Request headers Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 06 Jan 2021 16:48:58 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HyNiJbSIddCDrcXA7fa3ULhAfSNXpQ2rIXt6fLgY%2FsAKGYGmsB1uKWVNTBLQx54%2BW2afkO0QlarEFegpT3MYhA2djWoAO2yrFIfZKk%2Fx2Obg6lp8nIl%2FW0M%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-store, no-cache, must-revalidate cf-ray 60d6edfc3e9cd6b5-FRA cf-request-id 077a3311ab0000d6b50e8bc000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	843c7e65f43ca8dd44b802eb49fcca79.png peytel24.net/3zufUzHXw/css/	5 KB 6 KB	119ms 118ms	Image image/png	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peytel24.net/3zufUzHXw/css/843c7e65f43ca8dd44b802eb49fcca79.png Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `d7f8907ab769882350aa3f698fe09886ee13a53c56019b01e50032b99e14c3c8` Request headers Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.7RC1 content-length 5442 cf-request-id 077a3311a90000d6b561339000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7zTJ9k4gXKW0zKtjAArqjmfszgbJGJKwYqOs6AgJ%2FSzJD70%2BoqKSPR3Pd%2Fd1avCNKPAAbzL5YQ6SJPRn1Vj1elWfG8N2k%2FxNmhHOW20nkeqCz3VcVrd%2B0Hk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 60d6edfc3ea0d6b5-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	cee68883dc12654f2d5454192feb3034.png peytel24.net/3zufUzHXw/css/	135 KB 135 KB	105ms 104ms	Image image/png	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peytel24.net/3zufUzHXw/css/cee68883dc12654f2d5454192feb3034.png Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `a99485d11cfcaa3ceb423b848d2828c1a7b2c53c0e595e30656b8bd05ee9e14a` Request headers Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 06 Jan 2021 16:48:58 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RfvHLdY6tvQfJ%2FDbE6fSKJ1K080uTTtrAhGTXGmcMNz3HKGpr6XUPkDDVVxiLNgS4e72EJx4ULopsYimgIkDRiGYAwVHJL6TDiKJdfhGrUHwJQbUMCQNAMI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate cf-ray 60d6edfc3ea3d6b5-FRA cf-request-id 077a3311a90000d6b54ab28000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	436567166340f9598169b3bb3cd5cdea.png peytel24.net/3zufUzHXw/css/	1 KB 2 KB	113ms 112ms	Image image/png	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://peytel24.net/3zufUzHXw/css/436567166340f9598169b3bb3cd5cdea.png Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `9dffb59f5616abbd9e78912fcf82204767a8b851b9f29ce11170e766baa8cdad` Request headers Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.7RC1 content-length 1393 cf-request-id 077a3311a90000d6b5669c7000000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gOrsVkeoafInyDnzWv4h0wN1lUq8mwLHl8OEHheWlcFKR2qqFBL9Xoe5%2FnTCb5keOPCtEQAq4K6UvmV02BQ%2Bq62RagiRFQn4EGQOLSXV5Nf6wmw1CyERlV4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 60d6edfc3ea5d6b5-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	opensans-regular-webfont.woff peytel24.net/3zufUzHXw/css/fonts/	87 KB 88 KB	32ms 31ms	Font application/font-woff	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/css/fonts/opensans-regular-webfont.woff Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1` Request headers Origin https://peytel24.net Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:37:28 GMT server cloudflare age 1869 etag W/"15de8-578c16db2aa00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Poj95mqEo05SJaMsZ0SHVUE3mgRuf0k4nCV%2FbFpzsJUZVlOyxzVjJurwy7NSBzCT94XA9eirXHT9iXccI1Zh%2FJm8c%2BTX1V5xzBXvR4LEsxcMUaJOnuWQgFs%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60d6edfc3ea7d6b5-FRA cf-request-id 077a3311aa0000d6b555a96000000001
GET H2	200	opensans-light-webfont.woff peytel24.net/3zufUzHXw/css/fonts/	84 KB 84 KB	34ms 34ms	Font application/font-woff	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/css/fonts/opensans-light-webfont.woff Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab` Request headers Origin https://peytel24.net Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:36:32 GMT server cloudflare age 1869 etag W/"15000-578c16a5c2c00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FOBAULRCfBn6qmBzxviI2seaH9YZV0F%2BS9nmAEL12wNKq1LN56uq8QvFuAraoC59pBYrXZ%2BwCO66B4HPTyi3zk2POcoeWSUGaNh%2FBMbSBcDyWFhb%2FcJuneU%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60d6edfc4eafd6b5-FRA cf-request-id 077a3311ac0000d6b51eab2000000001
GET H2	200	opensans-semibold-webfont.woff peytel24.net/3zufUzHXw/css/fonts/	89 KB 89 KB	63ms 63ms	Font application/font-woff	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/css/fonts/opensans-semibold-webfont.woff Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae` Request headers Origin https://peytel24.net Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:38:38 GMT server cloudflare age 1869 etag W/"16420-578c171dec780" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JXxFUkmVfKE3fzWBbSTToJk4NtAeL0DtL%2FIyH4WKFV1wEN5YrhopuOdVY0UqDDkRKqwLvi%2B8kcP%2F3oOx2MC1qO5r7DmMtjPdRiQuf4kTGu7G4l80y2Tjb%2Bk%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60d6edfc4eb0d6b5-FRA cf-request-id 077a3311ac0000d6b55ca4c000000001
GET H2	200	PFBeauSansPro-Bold.woff peytel24.net/3zufUzHXw/css/fonts/	142 KB 136 KB	41ms 41ms	Font application/font-woff	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/css/fonts/PFBeauSansPro-Bold.woff Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8` Request headers Origin https://peytel24.net Referer https://peytel24.net/3zufUzHXw/css/ccd3f82572b102e2cb5e7d27c4fdf49e6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 16:48:58 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:35:56 GMT server cloudflare age 1869 etag W/"2374c-578c16836db00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwNqNZ9YsI7pGcKjSWsCiGeMBwjYIrSRftVnknApQuCo0PChEEY3%2FIpl%2BQQ7LmTzwhF3JlRxc9nXHH%2FG2qWy03H7ea%2BHRdumFnUtIqdAumUQ2UUzX%2BR5m48%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 60d6edfc4eb1d6b5-FRA cf-request-id 077a3311ac0000d6b56133a000000001
POST H2	200	online.php Show response peytel24.net/3zufUzHXw/	0 478 B	108ms 107ms	XHR text/html	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/online.php Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://peytel24.net/3zufUzHXw/4qcoqJ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 06 Jan 2021 16:49:08 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fTyI4%2FYJKf3JO3FRmjESIW6lxtWaDoMeeR1J74Pwv5CZ1JLdotdsbqTAsZtZ4yFI8IK9x%2B%2FfV81C0W6tCn7zNzfId9RvVXOpgwokf%2FmHOEWWI93zS09Vokg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 60d6ee3b0fedd6b5-FRA cf-request-id 077a3338e90000d6b53421f000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response peytel24.net/3zufUzHXw/	0 450 B	130ms 130ms	XHR text/html	2606:4700:3033::681f:41f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://peytel24.net/3zufUzHXw/online.php Requested by Host: peytel24.net URL: https://peytel24.net/3zufUzHXw/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681f:41f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://peytel24.net/3zufUzHXw/4qcoqJ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 06 Jan 2021 16:49:10 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=70hXM3RVKNRaY7RD3t%2FYY0RZjSAvSBFz%2BP%2B1gBoETZQgNpsQmAMVNEmUGpIRHUsQIg9WOmXmv5qk%2FQF8fY9ruhJFIKfZS0h6ID2nPpX2c4YfbEWFhczs3Hk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 60d6ee45286cd6b5-FRA cf-request-id 077a333f350000d6b5669e3000000001 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
peytel24.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: i8g03q1l8tf1stvdbaog1sguef
.peytel24.net/	1970-01-19 15:55:43	Name: __cfduid Value: d656d3a438c18c6aee94fdfcb8bf360181609951737
peytel24.net/3zufUzHXw	1970-01-19 15:12:35	Name: e9b00418430c9ad3a7a12508a3288af8 Value: 4118657307
peytel24.net/3zufUzHXw	1970-01-19 15:12:35	Name: ab7dac289decf966f26b27405dbab016 Value: 1344374604
peytel24.net/3zufUzHXw	1970-01-19 15:12:35	Name: 3a3d4274a7578763f671bde5640199dc Value: 1304270932
peytel24.net/3zufUzHXw	1970-01-19 15:12:35	Name: 2b37cd639592678259fb5e31ac1a912f Value: 1030630731

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

peytel24.net
2606:4700:3033::681f:41f4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
4c7aa52b46783e62dc86890aebc03c00f9d837ff7accddef368e050db5589c31
6b2cfaab6bcab1b4072820a3932694a389b721be062219e01f157d5c677f41b6
8506cd2dfafac514d14f85c3261d2b69c8f0364d875c2a908250eb08b835657e
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
9dffb59f5616abbd9e78912fcf82204767a8b851b9f29ce11170e766baa8cdad
a99485d11cfcaa3ceb423b848d2828c1a7b2c53c0e595e30656b8bd05ee9e14a
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
d7f8907ab769882350aa3f698fe09886ee13a53c56019b01e50032b99e14c3c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

peytel24.net Open in urlscan Pro 2606:4700:3033::681f:41f4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

643 kBTransfer

741 kBSize

6 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

6 Cookies

Indicators

peytel24.net Open in urlscan Pro
2606:4700:3033::681f:41f4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

643 kB
Transfer

741 kB
Size

6
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!