paynets.online
Open in
urlscan Pro
2a00:f940:2:2:1:1:0:112
Malicious Activity!
Public Scan
Submission: On March 13 via manual from MY — Scanned from DE
Summary
This is the only time paynets.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Visa (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2a00:f940:2:2... 2a00:f940:2:2:1:1:0:112 | 197695 (AS-REG) (AS-REG) | |
3 | 2606:50c0:800... 2606:50c0:8002::154 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:7aaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 87.236.16.202 87.236.16.202 | 198610 (BEGET-AS) (BEGET-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a03:90c0:41:... 2a03:90c0:41:2801::254 | 199524 (GCORE) (GCORE) | |
3 | 178.21.8.220 178.21.8.220 | 197695 (AS-REG) (AS-REG) | |
28 | 11 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
replain.cc
widget.replain.cc — Cisco Umbrella Rank: 333978 app.replain.cc — Cisco Umbrella Rank: 336212 |
184 KB |
6 |
gstatic.com
fonts.gstatic.com |
73 KB |
4 |
paynets.online
paynets.online |
253 KB |
3 |
githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4700 |
127 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35 |
32 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620 |
40 KB |
1 |
snipp.ru
snipp.ru |
2 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 821 |
2 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 |
31 KB |
28 | 9 |
Domain | Requested by | |
---|---|---|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
5 | widget.replain.cc |
paynets.online
widget.replain.cc |
4 | paynets.online |
paynets.online
|
3 | app.replain.cc |
widget.replain.cc
|
3 | raw.githubusercontent.com |
paynets.online
|
2 | maxcdn.bootstrapcdn.com |
paynets.online
|
1 | fonts.googleapis.com |
paynets.online
|
1 | snipp.ru |
paynets.online
|
1 | ajax.googleapis.com |
paynets.online
|
1 | unpkg.com |
paynets.online
|
1 | cdnjs.cloudflare.com |
paynets.online
|
28 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.github.com DigiCert SHA2 High Assurance Server CA |
2020-05-06 - 2022-04-14 |
2 years | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
snipp.ru R3 |
2022-02-07 - 2022-05-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-02-17 - 2022-05-12 |
3 months | crt.sh |
widget.replain.cc R3 |
2022-02-16 - 2022-05-17 |
3 months | crt.sh |
webview.replain.cc R3 |
2022-01-14 - 2022-04-14 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://paynets.online/
Frame ID: 669FACA34B93A6FDE54B8B626209DF5A
Requests: 21 HTTP requests in this frame
Frame:
https://widget.replain.cc/dist/css/app.f69517de.css
Frame ID: E965A7A34CAC48CB845B690C39E66E83
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
ОплатаDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
paynets.online/ |
90 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main1.css
paynets.online/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chip.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/ |
91 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-the-mask.js
unpkg.com/vue-the-mask@0.11.1/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
paynets.online/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ |
59 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wait.gif
paynets.online/assets/img/ |
217 KB 217 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.min.js
snipp.ru/cdn/maskedinput/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2
fonts.gstatic.com/s/sourcecodepro/v20/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v20/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18.jpeg
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
105 KB 105 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.js
widget.replain.cc/dist/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.f69517de.css
widget.replain.cc/dist/css/ Frame E965 |
45 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.95c7cd65.js
widget.replain.cc/dist/js/ Frame E965 |
333 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
auth
app.replain.cc/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
auth
app.replain.cc/ Frame E965 |
320 B 953 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame E965 |
24 KB 24 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang-ru-json.b52c2d1a.js
widget.replain.cc/dist/js/ Frame E965 |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-default.png
app.replain.cc/ Frame E965 |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Visa (Financial)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| Vue object| VueTheMask function| $ function| jQuery object| bootstrap object| _0x2a31 function| _0x526a function| _0x541884 function| _0x46429b function| _0x52ab34 function| _0x37ad72 function| _0x2d9238 function| _0x3067b0 object| civchat object| replainSettings boolean| replainInitialized object| ReplainWidget function| ReplainAPI1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
paynets.online/ | Name: site Value: paynets.online |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
app.replain.cc
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
paynets.online
raw.githubusercontent.com
snipp.ru
unpkg.com
widget.replain.cc
178.21.8.220
2606:4700::6810:125e
2606:4700::6810:7aaf
2606:4700::6812:bcf
2606:50c0:8002::154
2a00:1450:4001:810::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:f940:2:2:1:1:0:112
2a03:90c0:41:2801::254
87.236.16.202
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
1348641771d9c6ef36801b42d2ffcd698df071d6463ae86ce992bf44a78c2633
175ef860729a6f3aa7c0a7954152bddbed5446affa2fe2931be79ffed5e20f87
1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54
1fbc6888ee9ff61b0f975998ef371db04257c5822e90c6f0b3a53988240e14b5
4e873726d9fb941ec46569ec0a685950f9f954e5c9c00389142d8c35a9584ebe
54576498d5d389761af7c4250534c39ed4e43a2954d1767d6232942b26244d80
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7589770827195e3e1605fe94afa08f78da1c45811e655783ac0b4bc86ab25e1a
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
9f2fe64a9e8740652b95125ec26f5761480cf2817284bd8d00d884611e05a58b
a775026091fa6c419284438f675f964453004bbb92cbe6df41be6c245c9a314b
acce91c82cedc2cb341fba4bf9aae3096820fa28dc67b4cce8a86a575b11ef7d
b5c17252ad773fe8ca84e0c09474290d5d3ce0521a1e00a028f0a226b881abc4
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c45562107b5d8f7161ed5eb4593b3da118cf5338400b86edd9f77f57b4814b89
c9fea33459d13044c2ed5045928e7791bb22257173dc4dd0ad7cd31204d936b6
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
d79fdefbca7dc806c2990943cb14baa8ab5fe1eafa7e8c1fb0660e0fbbf09011
f1b3ed185ee5751bd0d272e5ab63df08a80d4bf96c0eb102aa342046970d7261
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62