ipko.pl-vrfy.info
Open in
urlscan Pro
104.21.91.91
Malicious Activity!
Public Scan
Effective URL: https://ipko.pl-vrfy.info/index.php
Submission: On December 24 via api from US — Scanned from PL
Summary
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.
This is the only time ipko.pl-vrfy.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 104.21.91.91 104.21.91.91 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
pl-vrfy.info
1 redirects
ipko.pl-vrfy.info |
496 KB |
14 | 1 |
Domain | Requested by | |
---|---|---|
14 | ipko.pl-vrfy.info |
1 redirects
ipko.pl-vrfy.info
|
14 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pl-vrfy.info WE1 |
2024-12-21 - 2025-03-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ipko.pl-vrfy.info/index.php
Frame ID: 5B830A0E1443AE230E84F0B851209640
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Strona logowania | iPKO - bankowość elektroniczna PKO Banku PolskiegoPage URL History Show full URLs
-
http://ipko.pl-vrfy.info/
HTTP 307
https://ipko.pl-vrfy.info/ Page URL
- https://ipko.pl-vrfy.info/index.php Page URL
-
https://ipko.pl-vrfy.info/cdn-cgi/phish-bypass?atok=9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-173501...
HTTP 301
https://ipko.pl-vrfy.info/index.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ipko.pl-vrfy.info/
HTTP 307
https://ipko.pl-vrfy.info/ Page URL
- https://ipko.pl-vrfy.info/index.php Page URL
-
https://ipko.pl-vrfy.info/cdn-cgi/phish-bypass?atok=9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-1735018636-0.0.1.1-%2Findex.php
HTTP 301
https://ipko.pl-vrfy.info/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ipko.pl-vrfy.info/ HTTP 307
- https://ipko.pl-vrfy.info/
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
ipko.pl-vrfy.info/ Redirect Chain
|
54 B 784 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.php
ipko.pl-vrfy.info/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.ico
ipko.pl-vrfy.info/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
ipko.pl-vrfy.info/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
ipko.pl-vrfy.info/cdn-cgi/images/ |
452 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
ipko.pl-vrfy.info/ |
1 KB 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
index.php
ipko.pl-vrfy.info/ Redirect Chain
|
2 MB 243 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.js
ipko.pl-vrfy.info/assets/ |
281 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.js
ipko.pl-vrfy.info/assets/ |
79 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PKO4C102201-ZIMOWY-KV-DLA-POZYCZKI_D_570x570_208_208.png
ipko.pl-vrfy.info/Strona-1_files/ |
36 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PKOBankPolski-Regular.woff
ipko.pl-vrfy.info/Strona-1_files/ |
31 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PKOBankPolski-Light.woff
ipko.pl-vrfy.info/Strona-1_files/ |
32 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PKOBankPolski-Bold.woff
ipko.pl-vrfy.info/Strona-1_files/ |
31 KB 32 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
ipko.pl-vrfy.info/ |
1 KB 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ipko.pl-vrfy.info
- URL
- https://ipko.pl-vrfy.info/favicon.ico
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery number| uidEvent object| bootstrap2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ipko.pl-vrfy.info/ | Name: __cf_mw_byp Value: 9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-1735018636-0.0.1.1-/index.php |
|
ipko.pl-vrfy.info/ | Name: PHPSESSID Value: 4fqcd9iicbhb4a3qq179qm08ou |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ipko.pl-vrfy.info
ipko.pl-vrfy.info
104.21.91.91
08e8695cc1177aba498bb4f0e97d406ab707ea76594495a0835708a120cf46ea
29ece7b2e689f637d125e4049a960fd9d5a5a71ead05cb4a89660221bd671038
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
7c581cfac91370578c07ed88b73f887c65a235cd7824fafa35d675cabbc5b4d7
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698
8a3c82e7f180a04686064c7f6a267a930682882f3c26b1ae9ce478d5419b546c
9178961b0788c4ae221611316881856c58dfd35cea0420bf57d830909d5a0756
a03092cd77385449b2a939541222193f7e2474e90e8a5c6e15f7b9b885aacf29
b8140ddf7db3f2c041a6df4001f56b50695d65cd5337eab7ffc4031e8c2d3dd8
cc44059f1adba7ca3a61f64b0a5e3647cb5f97c5dd569d5a3b64d7e42cd8d630
e2ed97a271318bea262bad62fcc13d54df9ec455701151aac4901fe9ee800bed
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016