ipko.pl-vrfy.info Open in urlscan Pro
104.21.91.91  Malicious Activity! Public Scan

Submitted URL: http://ipko.pl-vrfy.info/
Effective URL: https://ipko.pl-vrfy.info/index.php
Submission: On December 24 via api from US — Scanned from PL

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 104.21.91.91, located in and belongs to CLOUDFLARENET, US. The main domain is ipko.pl-vrfy.info.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.
This is the only time ipko.pl-vrfy.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 14 104.21.91.91 13335 (CLOUDFLAR...)
14 2
Apex Domain
Subdomains
Transfer
14 pl-vrfy.info
ipko.pl-vrfy.info
496 KB
14 1
Domain Requested by
14 ipko.pl-vrfy.info 1 redirects ipko.pl-vrfy.info
14 1

This site contains no links.

Subject Issuer Validity Valid
pl-vrfy.info
WE1
2024-12-21 -
2025-03-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ipko.pl-vrfy.info/index.php
Frame ID: 5B830A0E1443AE230E84F0B851209640
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Strona logowania | iPKO - bankowość elektroniczna PKO Banku Polskiego

Page URL History Show full URLs

  1. http://ipko.pl-vrfy.info/ HTTP 307
    https://ipko.pl-vrfy.info/ Page URL
  2. https://ipko.pl-vrfy.info/index.php Page URL
  3. https://ipko.pl-vrfy.info/cdn-cgi/phish-bypass?atok=9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-173501... HTTP 301
    https://ipko.pl-vrfy.info/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

496 kB
Transfer

2786 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ipko.pl-vrfy.info/ HTTP 307
    https://ipko.pl-vrfy.info/ Page URL
  2. https://ipko.pl-vrfy.info/index.php Page URL
  3. https://ipko.pl-vrfy.info/cdn-cgi/phish-bypass?atok=9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-1735018636-0.0.1.1-%2Findex.php HTTP 301
    https://ipko.pl-vrfy.info/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ipko.pl-vrfy.info/ HTTP 307
  • https://ipko.pl-vrfy.info/

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ipko.pl-vrfy.info/
Redirect Chain
  • http://ipko.pl-vrfy.info/
  • https://ipko.pl-vrfy.info/
54 B
784 B
Document
General
Full URL
https://ipko.pl-vrfy.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a03092cd77385449b2a939541222193f7e2474e90e8a5c6e15f7b9b885aacf29

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f6e3d0aea57b221-WAW
content-encoding
zstd
content-type
text/html
date
Tue, 24 Dec 2024 05:37:16 GMT
last-modified
Mon, 23 Dec 2024 17:24:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRYSpwJpZ8AEFDNQRwJdv7gR8rz%2B3Kq50bWteKGHWoWqJptJkx8h%2FQJWf02Dh8iZokM7ynuvpjCtaV3gIsPUyk%2BTgmqNNa2zKdtHmCYFLzUjCiyjvDgRkPc7ZG2FRTDA%2BXBVag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=41077&min_rtt=34877&rtt_var=8829&sent=12&recv=10&lost=1&retrans=1&sent_bytes=4180&recv_bytes=4490&delivery_rate=1204&cwnd=8400&unsent_bytes=0&cid=e44d72b8db748bae&ts=168&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-accel-version
0.01
x-powered-by
PleskLin

Redirect headers

Location
https://ipko.pl-vrfy.info/
Non-Authoritative-Reason
HttpsUpgrades
index.php
ipko.pl-vrfy.info/
4 KB
2 KB
Document
General
Full URL
https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8140ddf7db3f2c041a6df4001f56b50695d65cd5337eab7ffc4031e8c2d3dd8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ipko.pl-vrfy.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-ray
8f6e3d0bfaf9b221-WAW
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 05:37:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhIFrGvmB3InvevwmVNiJR7dtwzyCAaUVrzn8FlxGacsj6u17280k5Q4NsVQrDvKk2aT5wU4lgu2nI1Mw4gyO4bz%2BpKj4hgLzlUH%2FEY4TgQ1uCyfLkWY90uVGfk2aiIkCPKTDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
favicon.ico
ipko.pl-vrfy.info/
0
0

cf.errors.css
ipko.pl-vrfy.info/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://ipko.pl-vrfy.info/cdn-cgi/styles/cf.errors.css
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"675fc4ac-5df3"
x-content-type-options
nosniff
cf-ray
8f6e3d0c5b20b221-WAW
expires
Tue, 24 Dec 2024 07:37:16 GMT
date
Tue, 24 Dec 2024 05:37:16 GMT
content-type
text/css
last-modified
Mon, 16 Dec 2024 06:11:56 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
ipko.pl-vrfy.info/cdn-cgi/images/
452 B
634 B
Image
General
Full URL
https://ipko.pl-vrfy.info/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"675fc4ac-1c4"
x-content-type-options
nosniff
cf-ray
8f6e3d0c8b3cb221-WAW
expires
Tue, 24 Dec 2024 07:37:16 GMT
accept-ranges
bytes
content-length
452
date
Tue, 24 Dec 2024 05:37:16 GMT
content-type
image/png
last-modified
Mon, 16 Dec 2024 06:11:56 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
ipko.pl-vrfy.info/
1 KB
1 KB
Other
General
Full URL
https://ipko.pl-vrfy.info/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2ed97a271318bea262bad62fcc13d54df9ec455701151aac4901fe9ee800bed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"676430bd-47e"
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EmBHMW0qjNG8JJbt4pulv277ZC16tTMwpXJgY0cLbsgYZPwhISpzHrFWDkml8juJ8GLYXYDb6EI1v%2Bx6AWNZ%2Fxp2qPKsgpBGB5BOvi30RRDei9hGMkVPP9lhXMBAcJ0OI2Bl7A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40656&min_rtt=29005&rtt_var=13336&sent=27&recv=21&lost=1&retrans=1&sent_bytes=12862&recv_bytes=6588&delivery_rate=10725&cwnd=8400&unsent_bytes=0&cid=e44d72b8db748bae&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 05:37:16 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d0cbb5fb221-WAW
x-powered-by
PleskLin
server
cloudflare
Primary Request index.php
ipko.pl-vrfy.info/
Redirect Chain
  • https://ipko.pl-vrfy.info/cdn-cgi/phish-bypass?atok=9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-1735018636-0.0.1.1-%2Findex.php
  • https://ipko.pl-vrfy.info/index.php
2 MB
243 KB
Document
General
Full URL
https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.14 PleskLin
Resource Hash
9178961b0788c4ae221611316881856c58dfd35cea0420bf57d830909d5a0756

Request headers

Referer
https://ipko.pl-vrfy.info/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f6e3d22f864b221-WAW
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 05:37:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSW5ZwIgmLDR1MUBb%2FcTsXR4OUFAyWxqauhYtIhQ3Vmow5QOFiNg1C9ylcfcDa2j9ukMk6z20eMT0Ho1%2F7SaFpkmfNv4yJNTK4qH%2BNgoHQ9njhwBiD4RkDborM%2Be4X0%2Bfcit7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=41022&min_rtt=29005&rtt_var=13193&sent=33&recv=26&lost=1&retrans=1&sent_bytes=14877&recv_bytes=7689&delivery_rate=354&cwnd=8400&unsent_bytes=0&cid=e44d72b8db748bae&ts=5063&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/8.3.14 PleskLin

Redirect headers

cache-control
private, no-cache
cf-ray
8f6e3d22c850b221-WAW
content-length
167
content-type
text/html
date
Tue, 24 Dec 2024 05:37:19 GMT
location
https://ipko.pl-vrfy.info/index.php
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
jquery-3.js
ipko.pl-vrfy.info/assets/
281 KB
86 KB
Script
General
Full URL
https://ipko.pl-vrfy.info/assets/jquery-3.js
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"676430bc-4638e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H29w9Togudt3MHo%2FG47%2B%2BYE4WV2FDktNuZLr1obHW3Yj1q2mw8uYJsXlWxJf8ZGR2YJqXIZe5ir0AtlwuRgy%2FgDhQK9f1Uw%2FZAsc9muli7VTJhJlnpTGeZSRE8cktcUecz4inA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37282&min_rtt=26912&rtt_var=12532&sent=97&recv=55&lost=1&retrans=1&sent_bytes=89480&recv_bytes=9670&delivery_rate=221951&cwnd=12000&unsent_bytes=0&cid=e44d72b8db748bae&ts=5275&x=1", cfExtPri, cfHdrFlush;dur=7
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 14:42:04 GMT
vary
accept-encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2acd56b221-WAW
x-powered-by
PleskLin
server
cloudflare
bootstrap.js
ipko.pl-vrfy.info/assets/
79 KB
24 KB
Script
General
Full URL
https://ipko.pl-vrfy.info/assets/bootstrap.js
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"676430bc-13bb5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNxfxpgOnpd2rHVo2LpdQMHQedEPxFBRLTOisOmQKLRN1OzeyrfS1ND2Kqwr5dyEm6NymwTGxd9IIE2I5Imfwnx%2BMqyS8v734TkNp5ri9THNdS327oXJgBn8tvFHaCZZvyfImg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37282&min_rtt=26912&rtt_var=12532&sent=97&recv=55&lost=1&retrans=1&sent_bytes=89480&recv_bytes=9670&delivery_rate=221951&cwnd=12000&unsent_bytes=0&cid=e44d72b8db748bae&ts=5273&x=1", cfExtPri, cfHdrFlush;dur=10
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
text/javascript
last-modified
Thu, 19 Dec 2024 14:42:04 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2acd57b221-WAW
x-powered-by
PleskLin
server
cloudflare
PKO4C102201-ZIMOWY-KV-DLA-POZYCZKI_D_570x570_208_208.png
ipko.pl-vrfy.info/Strona-1_files/
36 KB
37 KB
Image
General
Full URL
https://ipko.pl-vrfy.info/Strona-1_files/PKO4C102201-ZIMOWY-KV-DLA-POZYCZKI_D_570x570_208_208.png
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7c581cfac91370578c07ed88b73f887c65a235cd7824fafa35d675cabbc5b4d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

cf-cache-status
REVALIDATED
etag
"676430bd-91cc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijtAjHD2ZI24CMsFHNt6PljW17ND%2F%2FDZPfPGbFPf963SsoHeNRzPL79xRhTPtYxrofewg52PrtCtKgSv1hxuiI9LJcwJUTGzj5OKd9tNHpCuD1mPyX%2BvVUDt6Vp%2Bw57KXdvGxA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31550&min_rtt=26912&rtt_var=4460&sent=341&recv=95&lost=1&retrans=1&sent_bytes=381072&recv_bytes=11928&delivery_rate=811145&cwnd=28800&unsent_bytes=0&cid=e44d72b8db748bae&ts=5696&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
image/png
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2d8eb5b221-WAW
accept-ranges
bytes
content-length
37324
x-powered-by
PleskLin
server
cloudflare
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29ece7b2e689f637d125e4049a960fd9d5a5a71ead05cb4a89660221bd671038

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
PKOBankPolski-Regular.woff
ipko.pl-vrfy.info/Strona-1_files/
31 KB
32 KB
Font
General
Full URL
https://ipko.pl-vrfy.info/Strona-1_files/PKOBankPolski-Regular.woff
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
08e8695cc1177aba498bb4f0e97d406ab707ea76594495a0835708a120cf46ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ipko.pl-vrfy.info
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

cf-cache-status
REVALIDATED
etag
"676430bd-7be8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FTVZcwGNeFc94n1Al4rpHYsEZv9pBjwfw3tR1%2B8MBlIAaZuBLkAnRxEC%2BNSoQlnSFYJ4COwS5EUPOWUUTv2MJYm60vHsKA6%2ByAjWmsVPldjIuds17FRYTY2%2B8P6cgIj5%2BXjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30653&min_rtt=26912&rtt_var=3254&sent=379&recv=107&lost=1&retrans=1&sent_bytes=423614&recv_bytes=13648&delivery_rate=727558&cwnd=30000&unsent_bytes=0&cid=e44d72b8db748bae&ts=5893&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
font/woff
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2eaf61b221-WAW
accept-ranges
bytes
content-length
31720
x-powered-by
PleskLin
server
cloudflare
PKOBankPolski-Light.woff
ipko.pl-vrfy.info/Strona-1_files/
32 KB
32 KB
Font
General
Full URL
https://ipko.pl-vrfy.info/Strona-1_files/PKOBankPolski-Light.woff
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
cc44059f1adba7ca3a61f64b0a5e3647cb5f97c5dd569d5a3b64d7e42cd8d630

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ipko.pl-vrfy.info
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

cf-cache-status
REVALIDATED
etag
"676430bd-7e3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMJdeR5fKr3DEumhDuOneRXbUB6foLDwIgRlsEolSUYi04yuyAUIZAVJVVyT%2F3IsJW345V5t8kg1A0EzTO9hxt%2F4pUjIM8hL7HqZIeRIhPQAc2SsdI%2BRfhTbDtnDO8cxuu6tqA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30653&min_rtt=26912&rtt_var=3254&sent=404&recv=107&lost=1&retrans=1&sent_bytes=453614&recv_bytes=13648&delivery_rate=727558&cwnd=30000&unsent_bytes=0&cid=e44d72b8db748bae&ts=5894&x=1", cfExtPri, cfHdrFlush;dur=27
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
font/woff
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2eaf64b221-WAW
accept-ranges
bytes
content-length
32316
x-powered-by
PleskLin
server
cloudflare
PKOBankPolski-Bold.woff
ipko.pl-vrfy.info/Strona-1_files/
31 KB
32 KB
Font
General
Full URL
https://ipko.pl-vrfy.info/Strona-1_files/PKOBankPolski-Bold.woff
Requested by
Host: ipko.pl-vrfy.info
URL: https://ipko.pl-vrfy.info/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8a3c82e7f180a04686064c7f6a267a930682882f3c26b1ae9ce478d5419b546c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ipko.pl-vrfy.info
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

cf-cache-status
MISS
etag
"676430bd-7bf0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfhRN%2BDGqJMNeaScaETwJ8HJxGC2iCN%2BD%2BbRR1E0wFi%2F0QtpkDmSbNflQ4KQuvLsGb2dd5m%2BnEKgYkFr%2Fc883N4D17Tzz55mf7FQEknM6r30lAR2iZvYXwaO0qf%2B8i4Oyxp5wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30653&min_rtt=26912&rtt_var=3254&sent=404&recv=107&lost=1&retrans=1&sent_bytes=453614&recv_bytes=13648&delivery_rate=727558&cwnd=30000&unsent_bytes=0&cid=e44d72b8db748bae&ts=5900&x=1", cfExtPri, cfHdrFlush;dur=21
date
Tue, 24 Dec 2024 05:37:21 GMT
content-type
font/woff
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d2eaf65b221-WAW
accept-ranges
bytes
content-length
31728
x-powered-by
PleskLin
server
cloudflare
favicon.ico
ipko.pl-vrfy.info/
1 KB
0
Other
General
Full URL
https://ipko.pl-vrfy.info/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.91.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2ed97a271318bea262bad62fcc13d54df9ec455701151aac4901fe9ee800bed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ipko.pl-vrfy.info/index.php

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"676430bd-47e"
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EmBHMW0qjNG8JJbt4pulv277ZC16tTMwpXJgY0cLbsgYZPwhISpzHrFWDkml8juJ8GLYXYDb6EI1v%2Bx6AWNZ%2Fxp2qPKsgpBGB5BOvi30RRDei9hGMkVPP9lhXMBAcJ0OI2Bl7A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40656&min_rtt=29005&rtt_var=13336&sent=27&recv=21&lost=1&retrans=1&sent_bytes=12862&recv_bytes=6588&delivery_rate=10725&cwnd=8400&unsent_bytes=0&cid=e44d72b8db748bae&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 05:37:16 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 14:42:05 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f6e3d0cbb5fb221-WAW
x-powered-by
PleskLin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ipko.pl-vrfy.info
URL
https://ipko.pl-vrfy.info/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap

2 Cookies

Domain/Path Name / Value
.ipko.pl-vrfy.info/ Name: __cf_mw_byp
Value: 9tShqp_pQQA.rQyajDBkwlow4Vu6bAp_kjMBV28hrqg-1735018636-0.0.1.1-/index.php
ipko.pl-vrfy.info/ Name: PHPSESSID
Value: 4fqcd9iicbhb4a3qq179qm08ou

1 Console Messages

Source Level URL
Text
network error URL: https://ipko.pl-vrfy.info/index.php
Message:
Failed to load resource: the server responded with a status of 403 ()