platnosc-payu.pl Open in urlscan Pro
2606:4700:3034::681b:bcbf Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ
Submission Tags: 6745612
Submission: On August 26 via api (August 26th 2020, 8:44:20 am UTC) from NL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3034::681b:bcbf, located in United States and belongs to CLOUDFLARENET, US. The main domain is platnosc-payu.pl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 20th 2020. Valid for: a year.

This is the only time platnosc-payu.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address		AS Autonomous System
15	2606:4700:303... 2606:4700:3034::681b:bcbf		13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	1

15 2606:4700:3034::681b:bcbf (United States)

ASN13335 (CLOUDFLARENET, US)

platnosc-payu.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	platnosc-payu.pl platnosc-payu.pl	641 KB
15	1

	Domain	Requested by
15	platnosc-payu.pl	platnosc-payu.pl
15	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-20` - `2021-08-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ
Frame ID: 032D643F752F2F4C3B94B901C990DF3A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

641 kB
Transfer

740 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request JasgnZ Show response platnosc-payu.pl/V974W7M9n9Hks/	13 KB 4 KB	172ms 116ms	Document text/html	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `c3b59f9d1e7137e52e090c46afd361307949c72af1578e33de02a4a6e6d4405e` Request headers :method GET :authority platnosc-payu.pl :scheme https :path /V974W7M9n9Hks/JasgnZ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 26 Aug 2020 08:44:02 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d9a282dac837d8128a017ea8c157cfd8b1598431442; expires=Fri, 25-Sep-20 08:44:02 GMT; path=/; domain=.platnosc-payu.pl; HttpOnly; SameSite=Lax; Secure PHPSESSID=o11uo1cbak1fpnnra1np026h1l; path=/ 0c22bdeb9c031444fe1e6b041dfa0aac=3291928974; expires=Wed, 26-Aug-2020 09:46:48 GMT; Max-Age=3766 72be7c40b5dde6f3d15ee4fd165d89ea=53842584; expires=Wed, 26-Aug-2020 09:42:11 GMT; Max-Age=3489 69a3612b035c97e8b64e52f5cfa81e4a=347283271; expires=Wed, 26-Aug-2020 09:43:24 GMT; Max-Age=3562 vary Accept-Encoding x-powered-by PHP/7.4.7RC1 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC cf-request-id 04cb894e0c0000bf00c6014200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5c8c44c34da0bf00-FRA content-encoding br
GET H2	200	cced7fdfad43c95c4ec4957300a307a24.css platnosc-payu.pl/V974W7M9n9Hks/css/	38 KB 9 KB	102ms 102ms	Stylesheet text/css	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `2b590d09d8814626b11b47c775e8773f0756e2a81cd8d5eacaa6b15e28a2443c` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:02 GMT content-encoding br cf-cache-status BYPASS server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c44c41e25bf00-FRA cf-request-id 04cb894e8c0000bf00c6016200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery.js Show response platnosc-payu.pl/V974W7M9n9Hks/	86 KB 30 KB	155ms 154ms	Script application/javascript	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/jquery.js Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 26 Aug 2020 08:44:02 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 Mar 2020 13:17:46 GMT server cloudflare etag W/"5e624d7a-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=315360000 cf-ray 5c8c44c41e27bf00-FRA cf-request-id 04cb894e8c0000bf00c6017200000001 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	c214468ab291e33eefd62b94e8f52c64.jpg platnosc-payu.pl/V974W7M9n9Hks/css/	59 KB 59 KB	106ms 106ms	Image image/jpeg	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/c214468ab291e33eefd62b94e8f52c64.jpg Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e1365def9912e30424c73d66739283559daf4951c08d96d8f4db137683cc4ec5` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:02 GMT cf-cache-status BYPASS server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c44c51edbbf00-FRA cf-request-id 04cb894f300000bf00c601e200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	d182a671ea0684602dd3932fe4cababc.png platnosc-payu.pl/V974W7M9n9Hks/css/	5 KB 5 KB	107ms 107ms	Image image/png	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/d182a671ea0684602dd3932fe4cababc.png Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `20995a89e9acf439b1fdcbcc834886e1dc10ba1f48a49b36ea7984064f94ad12` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:02 GMT cf-cache-status BYPASS server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 5c8c44c51eddbf00-FRA content-length 5442 cf-request-id 04cb894f300000bf00c601f200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	024a31d177ad532d60f11f376f0a0c3c.png platnosc-payu.pl/V974W7M9n9Hks/css/	135 KB 135 KB	116ms 115ms	Image image/png	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/024a31d177ad532d60f11f376f0a0c3c.png Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `7c2b4699ea73259dc4327be6335ed6eafdf1a3dd18e79681c4905658eca6a758` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:02 GMT cf-cache-status BYPASS server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c44c51edfbf00-FRA cf-request-id 04cb894f320000bf00c6020200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	4642394e29954c13ce89a9b90f4d2060.png platnosc-payu.pl/V974W7M9n9Hks/css/	1 KB 1 KB	103ms 103ms	Image image/png	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/4642394e29954c13ce89a9b90f4d2060.png Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `87528a670915e5caa2d622993cc519c44684e578c74a0acf4eafe79eafed044b` Request headers Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:02 GMT cf-cache-status BYPASS server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 5c8c44c51ee1bf00-FRA content-length 1393 cf-request-id 04cb894f320000bf00c6021200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	opensans-regular-webfont.woff platnosc-payu.pl/V974W7M9n9Hks/css/fonts/	87 KB 88 KB	231ms 231ms	Font application/font-woff	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/fonts/opensans-regular-webfont.woff Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://platnosc-payu.pl Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 26 Aug 2020 08:44:02 GMT content-encoding br cf-cache-status MISS last-modified Sun, 21 Oct 2018 18:37:28 GMT server cloudflare etag W/"15de8-578c16db2aa00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff status 200 cache-control max-age=14400 cf-ray 5c8c44c52ee7bf00-FRA cf-request-id 04cb894f360000bf00c6023200000001
GET H2	200	opensans-light-webfont.woff platnosc-payu.pl/V974W7M9n9Hks/css/fonts/	84 KB 84 KB	231ms 231ms	Font application/font-woff	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/fonts/opensans-light-webfont.woff Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://platnosc-payu.pl Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 26 Aug 2020 08:44:02 GMT content-encoding br cf-cache-status MISS last-modified Sun, 21 Oct 2018 18:36:32 GMT server cloudflare etag W/"15000-578c16a5c2c00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff status 200 cache-control max-age=14400 cf-ray 5c8c44c53f02bf00-FRA cf-request-id 04cb894f400000bf00c6024200000001
GET H2	200	opensans-semibold-webfont.woff platnosc-payu.pl/V974W7M9n9Hks/css/fonts/	89 KB 89 KB	1299ms 1298ms	Font application/font-woff	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/fonts/opensans-semibold-webfont.woff Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://platnosc-payu.pl Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 26 Aug 2020 08:44:04 GMT content-encoding br cf-cache-status MISS last-modified Sun, 21 Oct 2018 18:38:38 GMT server cloudflare etag W/"16420-578c171dec780" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff status 200 cache-control max-age=14400 cf-ray 5c8c44c53f03bf00-FRA cf-request-id 04cb894f400000bf00c6025200000001
GET H2	200	PFBeauSansPro-Bold.woff platnosc-payu.pl/V974W7M9n9Hks/css/fonts/	142 KB 135 KB	324ms 323ms	Font application/font-woff	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/css/fonts/PFBeauSansPro-Bold.woff Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://platnosc-payu.pl Referer https://platnosc-payu.pl/V974W7M9n9Hks/css/cced7fdfad43c95c4ec4957300a307a24.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 26 Aug 2020 08:44:03 GMT content-encoding br cf-cache-status MISS last-modified Sun, 21 Oct 2018 18:35:56 GMT server cloudflare etag W/"2374c-578c16836db00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff status 200 cache-control max-age=14400 cf-ray 5c8c44c53f05bf00-FRA cf-request-id 04cb894f400000bf00c6026200000001
POST H2	200	online.php Show response platnosc-payu.pl/V974W7M9n9Hks/	0 358 B	116ms 115ms	XHR text/html	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/online.php Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:10 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c44f77ff0bf00-FRA cf-request-id 04cb896eaa0000bf00c622c200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response platnosc-payu.pl/V974W7M9n9Hks/	0 196 B	109ms 109ms	XHR text/html	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/online.php Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:12 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c4501985fbf00-FRA cf-request-id 04cb8974fc0000bf00c6279200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response platnosc-payu.pl/V974W7M9n9Hks/	0 257 B	114ms 114ms	XHR text/html	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/online.php Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:14 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c450ba8bfbf00-FRA cf-request-id 04cb897b4a0000bf00c62e8200000001 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response platnosc-payu.pl/V974W7M9n9Hks/	0 105 B	59ms 58ms	XHR text/html	2606:4700:3034::681b:bcbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platnosc-payu.pl/V974W7M9n9Hks/online.php Requested by Host: platnosc-payu.pl URL: https://platnosc-payu.pl/V974W7M9n9Hks/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:bcbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.7RC1 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://platnosc-payu.pl/V974W7M9n9Hks/JasgnZ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 26 Aug 2020 08:44:15 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.7RC1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 200 cache-control no-store, no-cache, must-revalidate cf-ray 5c8c4515c87dbf00-FRA cf-request-id 04cb89819c0000bf00c635a200000001 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
platnosc-payu.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: o11uo1cbak1fpnnra1np026h1l
.platnosc-payu.pl/	1970-01-19 12:43:43	Name: __cfduid Value: d9a282dac837d8128a017ea8c157cfd8b1598431442
platnosc-payu.pl/V974W7M9n9Hks	1970-01-19 12:00:35	Name: 69a3612b035c97e8b64e52f5cfa81e4a Value: 347283271
platnosc-payu.pl/V974W7M9n9Hks	1970-01-19 12:00:34	Name: 72be7c40b5dde6f3d15ee4fd165d89ea Value: 53842584
platnosc-payu.pl/V974W7M9n9Hks	1970-01-19 12:00:35	Name: 0c22bdeb9c031444fe1e6b041dfa0aac Value: 3291928974

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

platnosc-payu.pl
2606:4700:3034::681b:bcbf
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
20995a89e9acf439b1fdcbcc834886e1dc10ba1f48a49b36ea7984064f94ad12
2b590d09d8814626b11b47c775e8773f0756e2a81cd8d5eacaa6b15e28a2443c
7c2b4699ea73259dc4327be6335ed6eafdf1a3dd18e79681c4905658eca6a758
87528a670915e5caa2d622993cc519c44684e578c74a0acf4eafe79eafed044b
c3b59f9d1e7137e52e090c46afd361307949c72af1578e33de02a4a6e6d4405e
e1365def9912e30424c73d66739283559daf4951c08d96d8f4db137683cc4ec5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

platnosc-payu.pl Open in urlscan Pro 2606:4700:3034::681b:bcbf Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

641 kBTransfer

740 kBSize

5 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

5 Cookies

Indicators

platnosc-payu.pl Open in urlscan Pro
2606:4700:3034::681b:bcbf Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

641 kB
Transfer

740 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!