bwaekuawkj.cfolks.pl Open in urlscan Pro
185.208.164.122 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bwaekuawkj.cfolks.pl/it/port
Effective URL:
https://bwaekuawkj.cfolks.pl/it/port/7f64a/
Submission: On November 04 via api (November 4th 2024, 10:54:21 pm UTC) from US — Scanned from PL

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 185.208.164.122, located in Poland and belongs to CF-GDA, PL. The main domain is bwaekuawkj.cfolks.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 25th 2024. Valid for: a year.

This is the only time bwaekuawkj.cfolks.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking)

Domain & IP information

	IP Address		AS Autonomous System
3 20	185.208.164.122 185.208.164.122		41079 (CF-GDA) (CF-GDA)
17	1

20 185.208.164.122 (Poland) 3 redirects

ASN41079 (CF-GDA, PL)
PTR: s22.cyber-folks.pl

bwaekuawkj.cfolks.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cfolks.pl 3 redirects bwaekuawkj.cfolks.pl	585 KB
17	1

	Domain	Requested by
20	bwaekuawkj.cfolks.pl	3 redirects bwaekuawkj.cfolks.pl
17	1

This site contains links to these domains. Also see Links.

Domain
www.nexi.it

Subject Issuer	Validity	Valid
*.cfolks.pl Certum Domain Validation CA SHA2	`2024-07-25` - `2025-07-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bwaekuawkj.cfolks.pl/it/port/7f64a/
Frame ID: 6CC3AC5DE4D32292CE655703F0B9D841
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portale Aziende

Page URL History Show full URLs

https://bwaekuawkj.cfolks.pl/it/port HTTP 301
https://bwaekuawkj.cfolks.pl/it/port/ HTTP 302
https://bwaekuawkj.cfolks.pl/it/port/7f64a HTTP 301
https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

584 kB
Transfer

889 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nexi.it/content/dam/nexi/download/business/portale-aziende-new/P-AZ-GUIDA-PRIMI-PASSI.pdf
Title: Visualizza la guida completa

Search URL Search Domain Scan URL

URL: https://www.nexi.it/business/servizi/portale-aziende/guide.html
Title: Qui trovi tutte le nostre guide

Search URL Search Domain Scan URL

URL: https://www.nexi.it/dichiarazione-accessibilita-portaleaziende
Title: Dichiarazione accessibilità

Search URL Search Domain Scan URL

URL: https://www.nexi.it/content/dam/nexi/new-login-2019/informativa_privacy.pdf
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bwaekuawkj.cfolks.pl/it/port HTTP 301
https://bwaekuawkj.cfolks.pl/it/port/ HTTP 302
https://bwaekuawkj.cfolks.pl/it/port/7f64a HTTP 301
https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response bwaekuawkj.cfolks.pl/it/port/7f64a/ Redirect Chain https://bwaekuawkj.cfolks.pl/it/port https://bwaekuawkj.cfolks.pl/it/port/ https://bwaekuawkj.cfolks.pl/it/port/7f64a https://bwaekuawkj.cfolks.pl/it/port/7f64a/	106 KB 14 KB	45ms 43ms	Document text/html	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `c744563f8988db5020ae2aebaafda60646f826a5a9d9ec5adfcf26002d788a79` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding br content-type text/html date Mon, 04 Nov 2024 22:54:15 GMT etag "1a632-67295097-c1d2e9ca3395fedf;br" last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary Accept-Encoding,User-Agent Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 795 content-type text/html date Mon, 04 Nov 2024 22:54:15 GMT location https://bwaekuawkj.cfolks.pl/it/port/7f64a/ server LiteSpeed vary User-Agent
GET H3	200	clientlib-site.css bwaekuawkj.cfolks.pl/it/port/7f64a/	230 KB 34 KB	57ms 56ms	Stylesheet text/css	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `ea7931e3af6015e75544b2428fe4a568297463e098f785e7e4ab7e8100fce1eb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "39973-67295097-d7dcbea82f0a2aac;br" expires Mon, 11 Nov 2024 22:54:15 GMT accept-ranges bytes date Mon, 04 Nov 2024 22:54:15 GMT content-type text/css last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	nexi-logo-white.svg bwaekuawkj.cfolks.pl/it/port/7f64a/	2 KB 829 B	171ms 170ms	Image image/svg+xml	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/nexi-logo-white.svg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "72c-67295097-b5366e8140db996d;br" expires Mon, 11 Nov 2024 22:54:15 GMT accept-ranges bytes date Mon, 04 Nov 2024 22:54:15 GMT content-type image/svg+xml last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	login_pa.jpg bwaekuawkj.cfolks.pl/it/port/7f64a/	361 KB 361 KB	170ms 170ms	Image image/jpeg	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/login_pa.jpg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `1bc15d321cd70c43e83dda2b6e9f7edc97a06014aa20987cc1b41bf568837f71` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "5a47a-67295097-80623b834b4575aa;;;" expires Mon, 11 Nov 2024 22:54:15 GMT accept-ranges bytes content-length 369786 date Mon, 04 Nov 2024 22:54:15 GMT content-type image/jpeg last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	icon_settings.png bwaekuawkj.cfolks.pl/it/port/7f64a/	4 KB 4 KB	59ms 58ms	Image image/png	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/icon_settings.png Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `7be7c937602f1c792bc36d29fe8c7a3426cacefbad5e3361d100533bf026751b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "e57-67295097-8bafe90d7b6b7120;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 3671 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/png last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	icon_update.png bwaekuawkj.cfolks.pl/it/port/7f64a/	2 KB 2 KB	60ms 59ms	Image image/png	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/icon_update.png Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `ae93d9e39be2d1c04180cf171a1d879d94088ba51b290d8fd09c77619c942d93` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "7a4-67295097-4fefaf2f0d90bffc;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 1956 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/png last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	icon_pencil.png bwaekuawkj.cfolks.pl/it/port/7f64a/	3 KB 3 KB	62ms 61ms	Image image/png	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/icon_pencil.png Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `882f78780661d393d2e8292c03d5051f8df8f744acac3fed0c2e659ac4b97af4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "b7f-67295097-76f38cdab5f97ba6;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 2943 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/png last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	icon-close.svg bwaekuawkj.cfolks.pl/it/port/7f64a/	2 KB 787 B	111ms 110ms	Image image/svg+xml	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/icon-close.svg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "628-67295097-ca25369ea37fe37a;br" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 737 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/svg+xml last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	ico-down-blue.svg bwaekuawkj.cfolks.pl/it/port/7f64a/	898 B 553 B	111ms 110ms	Image image/svg+xml	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/ico-down-blue.svg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "382-67295097-3e268f3d648ed0b5;br" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 503 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/svg+xml last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	icon-info_blue.svg bwaekuawkj.cfolks.pl/it/port/7f64a/	7 KB 1 KB	112ms 111ms	Image image/svg+xml	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/icon-info_blue.svg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `33ec8f940f1d3db6036d6e185482505c391539cca1ee74585ed953e932671df6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "1a10-67295097-76745a1ac08f154;br" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 1345 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/svg+xml last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	nexi-logo-dark.svg bwaekuawkj.cfolks.pl/it/port/7f64a/	2 KB 886 B	111ms 110ms	Image image/svg+xml	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Show image Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/nexi-logo-dark.svg Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 content-encoding br etag "8fa-67295097-10dec8625b30bb30;br" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 836 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/svg+xml last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	KarbonApp.woff2 bwaekuawkj.cfolks.pl/it/port/7f64a/	40 KB 40 KB	48ms 48ms	Font font/woff2	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/KarbonApp.woff2 Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://bwaekuawkj.cfolks.pl Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Response headers cache-control public, max-age=604800 etag "9e2c-67295097-c0f6813d50984169;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 40492 date Mon, 04 Nov 2024 22:54:16 GMT content-type font/woff2 last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	KarbonAppMedium.woff2 bwaekuawkj.cfolks.pl/it/port/7f64a/	39 KB 39 KB	59ms 58ms	Font font/woff2	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/KarbonAppMedium.woff2 Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://bwaekuawkj.cfolks.pl Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Response headers cache-control public, max-age=604800 etag "9a74-67295097-6c8502093fb5a3a2;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 39540 date Mon, 04 Nov 2024 22:54:16 GMT content-type font/woff2 last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	KarbonAppSemibold.woff2 bwaekuawkj.cfolks.pl/it/port/7f64a/	39 KB 39 KB	41ms 40ms	Font font/woff2	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/KarbonAppSemibold.woff2 Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://bwaekuawkj.cfolks.pl Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Response headers cache-control public, max-age=604800 etag "9b3c-67295097-89ba9ccf8d2073f9;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 39740 date Mon, 04 Nov 2024 22:54:16 GMT content-type font/woff2 last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	nexinew.ttf bwaekuawkj.cfolks.pl/it/port/7f64a/	19 KB 9 KB	74ms 74ms	Font application/x-font-ttf	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/nexinew.ttf Requested by Host: bwaekuawkj.cfolks.pl URL: https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `b9d6f2a369e5d5f042f3ba01ecfb456136997e4a477f834f4939ca9ba3982c4f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://bwaekuawkj.cfolks.pl Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/clientlib-site.css Response headers cache-control public, max-age=604800 content-encoding br etag "4acc-67295097-43bdbf4b71b60749;br" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 9039 date Mon, 04 Nov 2024 22:54:16 GMT content-type application/x-font-ttf last-modified Mon, 04 Nov 2024 22:54:15 GMT vary Accept-Encoding,User-Agent server LiteSpeed
GET H3	200	favicon.png bwaekuawkj.cfolks.pl/it/port/7f64a/	801 B 849 B	45ms 45ms	Other image/png	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "321-67295097-fe6dbc15e8ecc9fa;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 801 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/png last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent
GET H3	200	favicon.ico bwaekuawkj.cfolks.pl/it/port/7f64a/	34 KB 34 KB	39ms 39ms	Other image/x-icon	185.208.164.122 CF-GDA
General Check archive.org Show headers Download Go to Full URL https://bwaekuawkj.cfolks.pl/it/port/7f64a/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 185.208.164.122 , Poland, ASN41079 (CF-GDA, PL), Reverse DNS s22.cyber-folks.pl Software LiteSpeed / Resource Hash `ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://bwaekuawkj.cfolks.pl/it/port/7f64a/ Response headers cache-control public, max-age=604800 etag "86be-67295097-5e17bf82bc35a39e;;;" expires Mon, 11 Nov 2024 22:54:16 GMT accept-ranges bytes content-length 34494 date Mon, 04 Nov 2024 22:54:16 GMT content-type image/x-icon last-modified Mon, 04 Nov 2024 22:54:15 GMT server LiteSpeed vary User-Agent

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bwaekuawkj.cfolks.pl
185.208.164.122
1bc15d321cd70c43e83dda2b6e9f7edc97a06014aa20987cc1b41bf568837f71
2bef6e7b4bd23a7009ddf29a2896bbdc7e25a365b501b2c34b5fd42917e12337
33ec8f940f1d3db6036d6e185482505c391539cca1ee74585ed953e932671df6
4c399d83f036f296ac9cdc6cbb47af8f77b8892218b7c0ae7c26b292f4eddd08
53192495ec43c0d10022eb2fecefd9bd2967f56dab0fd98d3a3d5831422f7323
7be7c937602f1c792bc36d29fe8c7a3426cacefbad5e3361d100533bf026751b
83e9a25bc3d65aa88a683b34f650213f0c74e657b29436a37ef138c2ea689dda
87526f6a2177902e89ac67e69e6152671d38625024ae399ce3ba149599614bb9
882f78780661d393d2e8292c03d5051f8df8f744acac3fed0c2e659ac4b97af4
ae93d9e39be2d1c04180cf171a1d879d94088ba51b290d8fd09c77619c942d93
b9d6f2a369e5d5f042f3ba01ecfb456136997e4a477f834f4939ca9ba3982c4f
c744563f8988db5020ae2aebaafda60646f826a5a9d9ec5adfcf26002d788a79
d5ded7a91066c885b90252eb9849575a6c2f2e9c87d8748c496af886b731d3f8
ddcb12028caf567e0f9d6af1adc7e51df78b7c800f99eab2608c11ca47f9b77e
e5c0e42bb6a3f3a244f8724587feb409c48a467a098e94c708bbb58117d41369
ea7931e3af6015e75544b2428fe4a568297463e098f785e7e4ab7e8100fce1eb
f1926ee7a205ed96afdd1b8a74d845d21a64dadb6ef76e672558e5b84b58274c

bwaekuawkj.cfolks.pl Open in urlscan Pro 185.208.164.122 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

584 kBTransfer

889 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

bwaekuawkj.cfolks.pl Open in urlscan Pro
185.208.164.122 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

584 kB
Transfer

889 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!