104.244.73.170 Open in urlscan Pro
104.244.73.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/
Submission Tags: 6332025
Submission: On December 23 via api (December 23rd 2019, 9:59:32 am UTC) from US

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 17 HTTP transactions. The main IP is 104.244.73.170, located in Phoenix, United States and belongs to PONYNET - FranTech Solutions, US. The main domain is 104.244.73.170.

This is the only time 104.244.73.170 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKO Bank Polski (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	104.244.73.170 104.244.73.170	53667 (PONYNET) (PONYNET - FranTech Solutions)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
17	3

8 104.244.73.170 (Phoenix, United States)

ASN53667 (PONYNET - FranTech Solutions, US)

104.244.73.170	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	jquery.com code.jquery.com	30 KB
17	1

	Domain	Requested by
1	code.jquery.com	104.244.73.170
17	1

This site contains links to these domains. Also see Links.

Domain
inteligo.pl

Subject Issuer	Validity	Valid
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/
Frame ID: 2FCDDCE8F38AF94715C26B0E5ABA6FAE
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /socket\.io.*\.js/i

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /socket\.io.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

6 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

1596 kB
Transfer

2293 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://inteligo.pl/e-urzad/wniosek-dobry-start/
Title: .

Search URL Search Domain Scan URL

URL: http://inteligo.pl/infosite/_images/_files/zasady_gwarantowania_depozytow.pdf
Title: Gwarantowanie depozytów

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request inteligo Show response 104.244.73.170/bramkaplatnosci/	1 MB 1 MB	158ms 145ms	Document text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `d7243eac5e9aade58a1612e14c667c0f0faeb7375fe1c116d5fcfa09e8d1be81` Request headers Host 104.244.73.170 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Powered-By Express Content-Type text/html; charset=utf-8 Content-Length 1441936 ETag W/"160090-iS6ME0VYNm77Ghi7i5JXm9y0X4o" Date Mon, 23 Dec 2019 09:59:15 GMT Connection keep-alive
GET H/1.1	200 OK	jquery.js Show response 104.244.73.170/js/	85 KB 85 KB	85ms 72ms	Script application/javascript	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/js/jquery.js Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 23 Dec 2019 09:59:15 GMT Last-Modified Tue, 09 Oct 2018 17:55:14 GMT X-Powered-By Express ETag W/"15391-16659f7f3d0" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 86929
GET H/1.1	200 OK	socket.io.js Show response 104.244.73.170/socket.io/	61 KB 61 KB	67ms 54ms	Script application/javascript	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/socket.io/socket.io.js Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 23 Dec 2019 09:59:15 GMT Cache-Control public, max-age=0 Connection keep-alive ETag "2.2.0" Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	21ms 7ms	Script application/javascript	2001:4de0:ac19::1:b:3b Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 23 Dec 2019 09:59:13 GMT Content-Encoding gzip Last-Modified Sat, 20 Jan 2018 17:26:44 GMT Server nginx ETag W/"5a637bd4-1538f" Vary Accept-Encoding X-HW 1577095153.dop120.fr8.shc,1577095153.dop120.fr8.t,1577095153.cds057.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30288
GET DATA	200 OK	truncated /	24 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f9074d8dc51c52bfc8a08c53183a362a0d8e595cc2cc855808f8d4e50528f628` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f4bf728b8036cbd974f278c50a05a3065740485c523a849e3f44fa888689e36` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `037949ae52ee64febd4f04b70fde70148efa2abb8fc750acb2dfaccf73bb448b` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/jpeg
GET H/1.1	200 OK	inteligo 104.244.73.170/bramkaplatnosci/	10 KB 10 KB	111ms 111ms	Image text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Show image Full URL http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 23 Dec 2019 09:59:15 GMT ETag W/"160090-iS6ME0VYNm77Ghi7i5JXm9y0X4o" Connection keep-alive X-Powered-By Express Content-Length 1441936 Content-Type text/html; charset=utf-8
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8fdb0784dfede3df4c5ca8d8ab638b4b986225a0087684dcc64e23e23a834b08` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5758f180a16dcf04820c006cb0952266994564810da55f61c09f14de1476d617` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c9abff9229debcd72aad4e26fe0741acb1b7ad0e208ba659f40c0b65c72040a5` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3a3ee331cc984748ee72216cbff6cc3aa0531a3ae06bdfa4e5ad161fa1d0db5a` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	49 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f1b84f81f5157cffa38a595c8a6130b66f7eba2d62570e4acc642732b8badf8c` Request headers Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif
GET BLOB	200 OK	1713c314-1bc1-474d-86a6-841f70bd5991 http://104.244.73.170/	4 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/1713c314-1bc1-474d-86a6-841f70bd5991 Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `592777536d718bbaea7e6d40cc02456d3fad23c248b159e56bccf176727df746` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 3658 Content-Type image/jpeg
GET BLOB	200 OK	1958cb2c-7a1d-4c1b-8ab9-0f1eda6194c8 http://104.244.73.170/	60 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/1958cb2c-7a1d-4c1b-8ab9-0f1eda6194c8 Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `12e52bd0e3fa1da51e9c1540cff0e011e86d515409f540fc2d69c8bc5a74f317` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 61713 Content-Type image/png
GET BLOB	200 OK	d904889f-da82-48be-b3ae-50bc5a7585fe http://104.244.73.170/	35 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/d904889f-da82-48be-b3ae-50bc5a7585fe Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `480295a026353571aa19090c7f4f12edf88fb0c863d26065527d22412935718d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 36153 Content-Type image/png
GET BLOB	200 OK	51b302d4-0480-42a1-a147-e7918ad99559 http://104.244.73.170/	225 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/51b302d4-0480-42a1-a147-e7918ad99559 Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `2d6c0b2e62a60b88136bc0977ef733af78f3cd7809f166ac5874fb14f6d5215f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 225 Content-Type image/png
GET BLOB	200 OK	3dfd8f76-4ed2-42a2-b98b-4956834ca58e http://104.244.73.170/	313 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/3dfd8f76-4ed2-42a2-b98b-4956834ca58e Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `076c395f3cfa3ecc21a5ea63cae98fc3a56d8df7d0bf1d8b07b0ef2a2febaa17` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 313 Content-Type image/png
GET BLOB	200 OK	ee83c89c-3eb6-41a0-a9a9-441d5a019261 http://104.244.73.170/	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/ee83c89c-3eb6-41a0-a9a9-441d5a019261 Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `32a318cc7425c80a66792cdcbcf305493f5eb4d5242b3bdb147a71689477b823` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 10506 Content-Type image/png
GET BLOB	200 OK	57c9e2f7-722a-4f87-b8b2-082835b1c835 http://104.244.73.170/	481 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/57c9e2f7-722a-4f87-b8b2-082835b1c835 Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `97b25699ca3e67fca969b74e79d9ff3ed908f48312521cfa8e1dc0d7baa8ee9a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 492534 Content-Type image/png
GET BLOB	200 OK	90c21eb1-d021-42b9-88de-fc0d10b1af9d http://104.244.73.170/	708 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://104.244.73.170/90c21eb1-d021-42b9-88de-fc0d10b1af9d Requested by Host: 104.244.73.170 URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `35065e40ba0d078f1ed4f4c4820685f58550d06167ce7707136bb2ddee73140d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 708 Content-Type image/png
GET H/1.1	200 OK	/ Show response 104.244.73.170/socket.io/	103 B 332 B	29ms 29ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/socket.io/?EIO=3&transport=polling&t=MyoCaVk Requested by Host: 104.244.73.170 URL: http://104.244.73.170/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `d2a53469b1ccc0372716cb2b18c99ae26f12b76222ade8aa00eb240ca1537a18` Request headers Accept / Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 23 Dec 2019 09:59:15 GMT Connection keep-alive Content-Length 103 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	/ Show response 104.244.73.170/socket.io/	20 B 248 B	29ms 29ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/socket.io/?EIO=3&transport=polling&t=MyoCaWE&sid=RRnb6VtOGDIWNhzAAABd Requested by Host: 104.244.73.170 URL: http://104.244.73.170/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `a40611cef65783cba78381ce87133f59967c78a81e78aabacb8d15e2a8292043` Request headers Accept / Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 23 Dec 2019 09:59:16 GMT Connection keep-alive Content-Length 20 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	/ Show response 104.244.73.170/socket.io/	2 B 273 B	35ms 35ms	XHR text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/socket.io/?EIO=3&transport=polling&t=MyoCaWj&sid=RRnb6VtOGDIWNhzAAABd Requested by Host: 104.244.73.170 URL: http://104.244.73.170/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ Origin http://104.244.73.170 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin http://104.244.73.170 Date Mon, 23 Dec 2019 09:59:16 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response 104.244.73.170/socket.io/	3 B 230 B	151ms 151ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://104.244.73.170/socket.io/?EIO=3&transport=polling&t=MyoCaWj.0&sid=RRnb6VtOGDIWNhzAAABd Requested by Host: 104.244.73.170 URL: http://104.244.73.170/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0` Request headers Accept / Referer http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 23 Dec 2019 09:59:16 GMT Connection keep-alive Content-Length 3 Content-Type text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKO Bank Polski (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			104.244.73.170/	1969-12-31 23:59:59	Name: io Value: RRnb6VtOGDIWNhzAAABd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://104.244.73.170/bramkaplatnosci/inteligo?Id=ai5rb3dAd3AucGw=/amFu/a293YWxza2k=/(Line 21) Message: ai5rb3dAd3AucGw=,amFu,a293YWxza2k=,

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
104.244.73.170
2001:4de0:ac19::1:b:3b
037949ae52ee64febd4f04b70fde70148efa2abb8fc750acb2dfaccf73bb448b
076c395f3cfa3ecc21a5ea63cae98fc3a56d8df7d0bf1d8b07b0ef2a2febaa17
12e52bd0e3fa1da51e9c1540cff0e011e86d515409f540fc2d69c8bc5a74f317
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d6c0b2e62a60b88136bc0977ef733af78f3cd7809f166ac5874fb14f6d5215f
32a318cc7425c80a66792cdcbcf305493f5eb4d5242b3bdb147a71689477b823
35065e40ba0d078f1ed4f4c4820685f58550d06167ce7707136bb2ddee73140d
3a3ee331cc984748ee72216cbff6cc3aa0531a3ae06bdfa4e5ad161fa1d0db5a
480295a026353571aa19090c7f4f12edf88fb0c863d26065527d22412935718d
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
5758f180a16dcf04820c006cb0952266994564810da55f61c09f14de1476d617
592777536d718bbaea7e6d40cc02456d3fad23c248b159e56bccf176727df746
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6f4bf728b8036cbd974f278c50a05a3065740485c523a849e3f44fa888689e36
8fdb0784dfede3df4c5ca8d8ab638b4b986225a0087684dcc64e23e23a834b08
97b25699ca3e67fca969b74e79d9ff3ed908f48312521cfa8e1dc0d7baa8ee9a
a40611cef65783cba78381ce87133f59967c78a81e78aabacb8d15e2a8292043
c9abff9229debcd72aad4e26fe0741acb1b7ad0e208ba659f40c0b65c72040a5
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
d2a53469b1ccc0372716cb2b18c99ae26f12b76222ade8aa00eb240ca1537a18
d7243eac5e9aade58a1612e14c667c0f0faeb7375fe1c116d5fcfa09e8d1be81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1b84f81f5157cffa38a595c8a6130b66f7eba2d62570e4acc642732b8badf8c
f9074d8dc51c52bfc8a08c53183a362a0d8e595cc2cc855808f8d4e50528f628

104.244.73.170 Open in urlscan Pro 104.244.73.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

6 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

3 IPs

2 Countries

1596 kBTransfer

2293 kBSize

1 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

104.244.73.170 Open in urlscan Pro
104.244.73.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

6 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

1596 kB
Transfer

2293 kB
Size

1
Cookies

17 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!