zawoja.net.pl Open in urlscan Pro
195.149.224.212 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php
Submission: On February 03 via automatic, source openphish (February 3rd 2018, 3:58:32 pm UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 195.149.224.212, located in Poland and belongs to KEI, PL. The main domain is zawoja.net.pl.

This is the only time zawoja.net.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address		AS Autonomous System
12	195.149.224.212 195.149.224.212		29522 (KEI) (KEI)
13	2

12 195.149.224.212 (Poland)

ASN29522 (KEI, PL)
PTR: pmart.pl

zawoja.net.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	zawoja.net.pl zawoja.net.pl	78 KB
0	ikdiagonal.com Failed www.ikdiagonal.com Failed
13	2

	Domain	Requested by
12	zawoja.net.pl	zawoja.net.pl
0	www.ikdiagonal.com Failed	zawoja.net.pl
13	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php
Frame ID: (6CF31D651B47AB1E2D66CE6D99751020)
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

78 kB
Transfer

313 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set initiate.php Show response zawoja.net.pl/cli/jp.appleid.apple.com/clients/	20 KB 15 KB	549ms 515ms	Document text/html	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `a9744919eff46bae260c533d59e3c87b9aab6aedd19664be4369731725037b24` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host zawoja.net.pl Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Server nginx/1.6.2 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Set-Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511; path=/ Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	hea2.js Show response zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/js/	20 KB 6 KB	105ms 74ms	Script application/javascript	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/js/hea2.js Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Tue, 15 Jul 2014 10:24:16 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	global.css zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/	174 KB 28 KB	44ms 43ms	Stylesheet text/css	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `5bac4d0a1cdb2cad20d031f6e08a532ba5778c854b4c11aa4c567c6e45b28a6c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Sun, 06 Jul 2014 04:45:40 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	style2.css zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/	53 KB 8 KB	45ms 45ms	Stylesheet text/css	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/style2.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `907b732ef921ede9c1746849acd75511982dc7a08e1f45c78a7a24bdb4b416fb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Sun, 06 Jul 2014 11:07:52 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	navigation.css zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/	9 KB 2 KB	71ms 37ms	Stylesheet text/css	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/navigation.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `276f118a38655f55fa9ccacd80ca1bfe7c1e56f4fcfe7570c07d9dc4aa5494fc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Sun, 06 Jul 2014 04:50:44 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	enhanced.css zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/	23 KB 5 KB	71ms 37ms	Stylesheet text/css	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/enhanced.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `392b975022b33e4e16e69388d51f89ab29a9484421e423d482d8c7eb305a8cd3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Fri, 16 May 2014 12:51:34 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	myappleid.png zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	2 KB 2 KB	37ms 37ms	Image image/png	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/myappleid.png Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `187b2b22c25e45740f6b9b224fec74ef5fbb44c251c40b50ee1ac4dbb79b413f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Last-Modified Fri, 22 Nov 2013 09:12:40 GMT Server nginx/1.6.2 ETag "14e8793-76a-4ebc06a821200" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1898
GET H/1.1	200 OK	secure.png zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	995 B 1 KB	37ms 37ms	Image image/png	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/secure.png Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `b38d00bcd619347ca2af1af8b6c53c1fc2bf6fa91cf6cdfc18a2d34291e60945` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Last-Modified Mon, 07 Jul 2014 20:02:40 GMT Server nginx/1.6.2 ETag "14e87e1-3e3-4fd9ff510f800" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 995
GET		japan_2x.png www.ikdiagonal.com/images/	0 0

GET DATA	200 OK	truncated /	747 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `26b9d14dde6f7735159a2a03fd493a14291b196c71b63bc171e39a81c6040869` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET DATA	200 OK	truncated /	74 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a9fb7240fec9011d1daf7ef642ced8eb9382707b5cdcc0cf33eacae10d8396be` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET H/1.1	200 OK	globalnav_text.png zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	6 KB 7 KB	37ms 37ms	Image image/png	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/globalnav_text.png Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `7641bfe689de81e54e63e45797381e6ea48fcf4b85bf5dc7251a87bfa1b305b7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/navigation.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/navigation.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Last-Modified Fri, 22 Nov 2013 09:12:42 GMT Server nginx/1.6.2 ETag "14e8771-19da-4ebc06aa09680" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6618
GET DATA	200 OK	truncated /	70 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `87ec98b62af4277e61018b9bf9610e2d517a1858c659675b21e0caa846417dfb` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET DATA	200 OK	truncated /	263 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f07cc94b84d5185063af533c94c365fc8a4043d5ab7ed79d1bc75f4eed12c1d0` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET DATA	200 OK	truncated /	205 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `39b76a8df411d9b1ef2017d7be6a6f0b4e7deebe32d4bcd00e0266ce89b75c25` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET H/1.1	200 OK	bg_main_repeat.jpg zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	1 KB 1 KB	37ms 37ms	Image image/jpeg	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/bg_main_repeat.jpg Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `14c353ef137d70ff0bb0cc18f63dd4a3eb91797d0dc457b8dde8daa6e356a223` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Last-Modified Fri, 22 Nov 2013 09:14:40 GMT Server nginx/1.6.2 ETag "14e8752-400-4ebc071a92000" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 1024
GET H/1.1	200 OK	breadcrumb_home.svg zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	2 KB 1 KB	56ms 37ms	Image image/svg+xml	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/breadcrumb_home.svg Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `77c60149587b0ef56b7f6203d7b57aadb25506e8b19242fa8f180a93cb2b4cf7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Fri, 22 Nov 2013 09:14:40 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type image/svg+xml Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	breadcrumb_separator.svg zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/	574 B 670 B	63ms 37ms	Image image/svg+xml	195.149.224.212 KEI
General Check archive.org Show headers Download Go to Show image Full URL http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/images/breadcrumb_separator.svg Requested by Host: zawoja.net.pl URL: http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/initiate.php Protocol HTTP/1.1 Server 195.149.224.212 , Poland, ASN29522 (KEI, PL), Reverse DNS pmart.pl Software nginx/1.6.2 / Resource Hash `df434d25d6524eba1e8e600cc3629040b315f52092a799d62816f4a66c9b2dfb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zawoja.net.pl User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 Cookie PHPSESSID=5840cb095f7c95bef841485bc4aec511 Connection keep-alive Cache-Control no-cache Referer http://zawoja.net.pl/cli/jp.appleid.apple.com/clients/base/css/global.css?style_session=Grab.php?token;af82df6ca054045fb18b615fb5656ad9af82df6ca054045fb18b615fb5656ad9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sat, 03 Feb 2018 15:58:21 GMT Content-Encoding gzip Last-Modified Fri, 22 Nov 2013 09:14:38 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type image/svg+xml Transfer-Encoding chunked Connection keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ikdiagonal.com
URL: http://www.ikdiagonal.com/images/japan_2x.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zawoja.net.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5840cb095f7c95bef841485bc4aec511

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.ikdiagonal.com
zawoja.net.pl
www.ikdiagonal.com
195.149.224.212
14c353ef137d70ff0bb0cc18f63dd4a3eb91797d0dc457b8dde8daa6e356a223
187b2b22c25e45740f6b9b224fec74ef5fbb44c251c40b50ee1ac4dbb79b413f
26b9d14dde6f7735159a2a03fd493a14291b196c71b63bc171e39a81c6040869
276f118a38655f55fa9ccacd80ca1bfe7c1e56f4fcfe7570c07d9dc4aa5494fc
392b975022b33e4e16e69388d51f89ab29a9484421e423d482d8c7eb305a8cd3
39b76a8df411d9b1ef2017d7be6a6f0b4e7deebe32d4bcd00e0266ce89b75c25
5bac4d0a1cdb2cad20d031f6e08a532ba5778c854b4c11aa4c567c6e45b28a6c
7641bfe689de81e54e63e45797381e6ea48fcf4b85bf5dc7251a87bfa1b305b7
77c60149587b0ef56b7f6203d7b57aadb25506e8b19242fa8f180a93cb2b4cf7
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
87ec98b62af4277e61018b9bf9610e2d517a1858c659675b21e0caa846417dfb
907b732ef921ede9c1746849acd75511982dc7a08e1f45c78a7a24bdb4b416fb
a9744919eff46bae260c533d59e3c87b9aab6aedd19664be4369731725037b24
a9fb7240fec9011d1daf7ef642ced8eb9382707b5cdcc0cf33eacae10d8396be
b38d00bcd619347ca2af1af8b6c53c1fc2bf6fa91cf6cdfc18a2d34291e60945
df434d25d6524eba1e8e600cc3629040b315f52092a799d62816f4a66c9b2dfb
f07cc94b84d5185063af533c94c365fc8a4043d5ab7ed79d1bc75f4eed12c1d0

zawoja.net.pl Open in urlscan Pro 195.149.224.212 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

78 kBTransfer

313 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

zawoja.net.pl Open in urlscan Pro
195.149.224.212 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

78 kB
Transfer

313 kB
Size

1
Cookies

13 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!