abc-paczki.cloud Open in urlscan Pro
2606:4700:3036::6815:2a43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97
Submission: On April 13 via automatic, source phishtank (April 13th 2024, 2:36:44 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::6815:2a43, located in United States and belongs to CLOUDFLARENET, US. The main domain is abc-paczki.cloud.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.

This is the only time abc-paczki.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3036::6815:2a43		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 2606:4700:3036::6815:2a43 (United States)

ASN13335 (CLOUDFLARENET, US)

abc-paczki.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	abc-paczki.cloud abc-paczki.cloud	647 KB
12	1

	Domain	Requested by
12	abc-paczki.cloud	abc-paczki.cloud
12	1

This site contains no links.

Subject Issuer	Validity	Valid
abc-paczki.cloud GTS CA 1P5	`2024-04-08` - `2024-07-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97
Frame ID: CD4E80E6C704F9ED52FEFA329E4A5B8E
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayU

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

647 kB
Transfer

741 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request rmTd97 Show response abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/	13 KB 4 KB	154ms 106ms	Document text/html	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `138f314c3231c8498d456932c7ed9608dcdb5cd20d497afb732bc152bc509490` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 873811dcdd28d636-CDG content-encoding br content-type text/html; charset=UTF-8 date Sat, 13 Apr 2024 02:36:39 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWnhkvLRFO9Rf0LoaTdJeFzPu%2BcVeZ9SudsUwUIRX%2FyJ4DDOVRqyOcQc198LemRYTyM4wN4gap0vkYjPyGMd1cboz2xf6JjYX3tA%2FM%2Be23GZcFEiT8ukpJdmcB9GMI5JBd1iLGcfvkWlUA2sU8j7"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.4.16
GET H2	200	c1159cc4383fbd6be7d7535981ccbc07b.css abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	38 KB 10 KB	122ms 121ms	Stylesheet text/css	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `57f3732567bcdd04cd048db1342b9d230c343dafe1bef552eca162ac4ce93ba1` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 02:36:40 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuZC3rNR1WH0PoRps0ShEwdXPe4Cgs51Y4T%2FsUVccHORz0yLdsW%2BygWqan2lSMddmNlvrwKDFP%2BAhf4S45KQhU%2BkFDwXCl%2FLD5g10MuAUiAn%2FUDfNZZOpV4mslnC0O0djKwCZ10wFdQ0W8gnoE%2Bv"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 873811dd8d76d636-CDG alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	jquery.js Show response abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/	86 KB 31 KB	27ms 27ms	Script application/javascript	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/jquery.js Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:39 GMT content-encoding br cf-cache-status HIT last-modified Mon, 08 Apr 2024 16:40:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 16261 etag W/"66141de9-15851" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twhghB8gg7fJLuVZFnkSqGX5xoYiiwot6FOXFY4L0XqYv7uJrk98sOk6ky9QtANCNeCKArlJtawRHhw3O2uP4Q%2B%2B0MzzvEZXwXEqxnavpt1NV8teD5uOJ3V48NhEc6Pj2htaGPydKOmAV0Y5TRvP"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 873811dd8d77d636-CDG alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	ad39fa9f6cb389842d6f8978cb125bff.jpg abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	59 KB 60 KB	133ms 133ms	Image image/jpeg	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/ad39fa9f6cb389842d6f8978cb125bff.jpg Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `650b9bd30cb42e9fddc56f59efe9b620ec4a42d9812a9c3582a5880b91cb3e07` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 02:36:40 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2Y0KpKBILl4bWVYESdc%2FPF2shO%2BGr7M07vmlUGv9QD3YlgU%2BoD7tht46s7f2Bv6AM27xjdM%2FE0FPxNq77WUaVU08t4o%2BMndr1Dr%2FyyrLcb7jUTQl4PMjnXSCaawVkDPyZWjpFZMvPIZayV2XqV8"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 873811de5fa74da4-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	dcf65edd5395224ab78cd68348907f62.png abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	5 KB 6 KB	95ms 95ms	Image image/png	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/dcf65edd5395224ab78cd68348907f62.png Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `97416e4ea359410d1e781d9f3d1d3bf2024046de413061558b71169fcb1c6cbd` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 02:36:40 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSdxnPgJtgo%2BV3BOlnZCkvXVw8%2BBLz62LK7ncfc01uPDqb7XNWd%2FEdaf%2Fh5%2FdfjXMwrF%2BSa4xtqFViN9hXNnDufmCafnpw3ZJ4IItw90Uc9GHchVB%2FLiCwcMzX44bIEcmDl5rRfaJ6VkB0qw3ToV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes cf-ray 873811de5fa94da4-FRA alt-svc h3=":443"; ma=86400 content-length 5442 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	a4eec7c937a21084ab5168986a6829a0.png abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	135 KB 135 KB	132ms 132ms	Image image/png	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/a4eec7c937a21084ab5168986a6829a0.png Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `dcbd8d95d0869a3989a524a4cb96bf5010bf8e0c7fc166af77d462db9a719fa3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 02:36:40 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFefLt5sGYZc%2BPBbjf7ydVHMY2FjvEm000OyOzZ3XFBtf6BLcfXdVuKgnseW8DT50jYBDsGE%2FI0Gbsg6TQGCfaOrEnxHhXWtMhEEKECZSG3G1tqQui18jAq443sjUUn4B2uINpc94y%2Fe1EifmOPv"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 873811de5faa4da4-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	12b2bbcb4fd47dea605ed85874eae8d4.png abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	1 KB 2 KB	96ms 96ms	Image image/png	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/12b2bbcb4fd47dea605ed85874eae8d4.png Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash `48568432b266e8cf4426829c940e3af50d3952cb472aaabe365e95da541c1563` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 13 Apr 2024 02:36:40 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8KF9S255Grwj%2F7%2FeM1nnECLwxF4Fmji4hQEeOvCRhfFgppKUgSDp%2BLRaQhBKZTK95fEx6CL4n8TbnbUICZfWs9Yf0Njj1M4Ikw4sinRIuWC35gVRXvUoRZLPhMOtioKCuFZGJNYTDhe45O8bQ3o"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes cf-ray 873811de5fac4da4-FRA alt-svc h3=":443"; ma=86400 content-length 1393 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	opensans-regular-webfont.woff abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/	87 KB 88 KB	15ms 15ms	Font application/font-woff	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/opensans-regular-webfont.woff Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Origin https://abc-paczki.cloud Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:40 GMT content-encoding br cf-cache-status HIT last-modified Mon, 08 Apr 2024 16:40:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6680 etag W/"15de8-6159875647d15" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BcczqQnWhpBovW5cFqbLfpCoCV85nxyNDIbFcDYjksXDbQmNbLQhWdTlmRu9PG8mshFGEvIXAtH2%2B3gSm2kX%2BtSNEh5udkZVqDVh8jMSnBKfNvamN3weLXbbatZcL0j%2B1RVO01L7PKq04ergJoz"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 873811de5fb14da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	opensans-light-webfont.woff abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/	84 KB 85 KB	35ms 35ms	Font application/font-woff	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/opensans-light-webfont.woff Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Origin https://abc-paczki.cloud Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:40 GMT content-encoding br cf-cache-status HIT last-modified Mon, 08 Apr 2024 16:40:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6680 etag W/"15000-61598756465a5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gU%2BBawaglR5TOOVkgBesxA2ph0QJeWIWFW6HEV5TFLqgu4HNXnFwKq4TvPNjziB%2BYOQ4krAe%2FQ7Cjvto1glMQ%2F8Y%2B6iL%2BmKsMH3VBHej91QSbSRYwPL225H9pm2czG8gxHLb6t0csTmCxVBPc7ib"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 873811de5fb24da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	opensans-semibold-webfont.woff abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/	89 KB 90 KB	41ms 41ms	Font application/font-woff	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/opensans-semibold-webfont.woff Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Origin https://abc-paczki.cloud Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:40 GMT content-encoding br cf-cache-status HIT last-modified Mon, 08 Apr 2024 16:40:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6680 etag W/"16420-615987564986d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2B6g18RU7LHgSSzq49LP9QwK6%2FFViMe5%2FIXmimOMfUPT%2F0JwFCmuxooRoLAG4ttAn3go87zLsepCipdqKD4c4F9Mh1g1VGElXvgiGNoObdvVcUow6PJ4tJUpG19I0KovLC9JctRZscbSpAjtS85O"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 873811de5fb34da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	PFBeauSansPro-Bold.woff abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/	142 KB 136 KB	42ms 42ms	Font application/font-woff	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/fonts/PFBeauSansPro-Bold.woff Requested by Host: abc-paczki.cloud URL: https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/c1159cc4383fbd6be7d7535981ccbc07b.css Origin https://abc-paczki.cloud Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:40 GMT content-encoding br cf-cache-status HIT last-modified Mon, 08 Apr 2024 16:40:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6680 etag W/"2374c-615987564debd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QF94dKY2ztIe7nAHWG6wPRZDi093%2F%2BLdGaPCNVfQm2ACjWnek%2BA9HL5Sy3IP8scMCHt12uijOxVQXAiGug4FIZ1Sknw0%2BNlN%2BPoYRol5E1vFsDFFNBHfFHrRGPw5SsFs747xwa2mB%2BR7fB1XNkNm"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 873811de5fb44da4-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.png abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/	348 B 844 B	14ms 13ms	Other image/png	2606:4700:3036::6815:2a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/css/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:2a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8634e6851cf0c1382758d39fe4cc63ce21d5330f6f2e7000100539f01c362e63` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM/rmTd97 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 02:36:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7793 alt-svc h3=":443"; ma=86400 content-length 348 last-modified Mon, 08 Apr 2024 16:40:08 GMT server cloudflare etag "66141de8-15c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA%2FtJahmOGwCpAOWPEGxefiZRnm8FwsbkeP4pCoTm%2Fi5oL1gP1SmApGiNIN1koCCYyWKptyA%2FqeyHVUd2NiNKxFXXNQk%2BKV4e1yJXCEN1yi3PsBtTPaDq3a4DDOZZwqVxYyMF8GWAzuZfJnmvnv1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 873811dfd87d4da4-FRA expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| r22bd459b function| online

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM	1970-01-20 19:49:39	Name: 9e0c5740d08855e50c7aec0f32d027fc Value: 3426914823
abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM	1970-01-20 19:49:39	Name: 6a54f31d2f206474beff186f3d640259 Value: 43546853
abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM	1970-01-20 19:49:39	Name: 58b7c13cbb4a0e9e4f18e37befddf553 Value: 2200519729
abc-paczki.cloud/2o0PrZJv0YJz8XFpbYDM	1970-01-20 19:49:39	Name: e322830f19ed0b1e19411cd8ac5abae4 Value: 3425973824
abc-paczki.cloud/	1969-12-31 23:59:59	Name: PHPSESSID Value: qok1m1ipi1jslp98h9on7cbik6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc-paczki.cloud
2606:4700:3036::6815:2a43
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
138f314c3231c8498d456932c7ed9608dcdb5cd20d497afb732bc152bc509490
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
48568432b266e8cf4426829c940e3af50d3952cb472aaabe365e95da541c1563
57f3732567bcdd04cd048db1342b9d230c343dafe1bef552eca162ac4ce93ba1
650b9bd30cb42e9fddc56f59efe9b620ec4a42d9812a9c3582a5880b91cb3e07
8634e6851cf0c1382758d39fe4cc63ce21d5330f6f2e7000100539f01c362e63
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
97416e4ea359410d1e781d9f3d1d3bf2024046de413061558b71169fcb1c6cbd
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
dcbd8d95d0869a3989a524a4cb96bf5010bf8e0c7fc166af77d462db9a719fa3

abc-paczki.cloud Open in urlscan Pro 2606:4700:3036::6815:2a43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

647 kBTransfer

741 kBSize

5 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

5 Cookies

Indicators

abc-paczki.cloud Open in urlscan Pro
2606:4700:3036::6815:2a43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

647 kB
Transfer

741 kB
Size

5
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!