pay-oferta15124.pl - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 172.67.194.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay-oferta15124.pl.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.

This is the only time pay-oferta15124.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 8	172.67.194.241 172.67.194.241		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	1

8 172.67.194.241 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

pay-oferta15124.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	pay-oferta15124.pl 3 redirects pay-oferta15124.pl	38 KB
5	1

	Domain	Requested by
8	pay-oferta15124.pl	3 redirects pay-oferta15124.pl
5	1

This site contains no links.

Subject Issuer	Validity	Valid
pay-oferta15124.pl GTS CA 1P5	`2024-03-26` - `2024-06-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pay-oferta15124.pl/xx/
Frame ID: EA7B4AD232BEE0A2BEC6433DA9BB7127
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayU

Page URL History Show full URLs

http://pay-oferta15124.pl/ HTTP 307
https://pay-oferta15124.pl/ HTTP 302
https://pay-oferta15124.pl/ HTTP 302
https://pay-oferta15124.pl/xx HTTP 308
https://pay-oferta15124.pl/xx/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

37 kB
Transfer

97 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pay-oferta15124.pl/ HTTP 307
https://pay-oferta15124.pl/ HTTP 302
https://pay-oferta15124.pl/ HTTP 302
https://pay-oferta15124.pl/xx HTTP 308
https://pay-oferta15124.pl/xx/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response pay-oferta15124.pl/xx/ Redirect Chain http://pay-oferta15124.pl/ https://pay-oferta15124.pl/ https://pay-oferta15124.pl/ https://pay-oferta15124.pl/xx https://pay-oferta15124.pl/xx/	4 KB 2 KB	65ms 65ms	Document text/html	172.67.194.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-oferta15124.pl/xx/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.194.241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ccfa50d8bb5ab95a9b1f6b3a7763eb743407eaf791fd84d232b29bac65f787e7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 antiddos x cf-cache-status DYNAMIC cf-ray 86acfe85ee433a3e-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 27 Mar 2024 05:31:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} proxy-cache MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1kyVeULNR%2Fu6ycvJgq%2BZRyp%2B9AiKdAB6YCDUJESZhmHMJsSznKwRQwakXYMyiUwT4H3m6lEgPaHc5wbIThE0msxDrptz1C9Nd1lNvGbY8w6ag%2FQtkjFoAvCj8aOC5trzutTE2A%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 antiddos x cf-cache-status DYNAMIC cf-ray 86acfe857e0f3a3e-FRA content-type text/html; charset=utf-8 date Wed, 27 Mar 2024 05:31:26 GMT location https://pay-oferta15124.pl/xx/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} proxy-cache MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUcnG653sYW0DbqMfsaMM%2BpwVgInul0vZjogvePSRhI05tZxQY%2Bac9J7l%2Fn9yQjOpmPRsRy0lSEBfPFDynqMSeCVOFnt1geXWvmutCsyxxawZKHSJTs2VsPnGUpBOT7yUNUnz6c%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	cookies.core.1.3.min.js Show response pay-oferta15124.pl/static/assets/js/	6 KB 2 KB	78ms 78ms	Script text/javascript	172.67.194.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-oferta15124.pl/static/assets/js/cookies.core.1.3.min.js Requested by Host: pay-oferta15124.pl URL: https://pay-oferta15124.pl/xx/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.194.241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fcc39a00e2ece672bb835dc7ae98bea58a91decd20cd12885f0c07ab0e50c1b3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pay-oferta15124.pl/xx/ accept-language pl-PL,pl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 05:31:27 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} antiddos x content-disposition inline; filename=cookies.core.1.3.min.js alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Jun 2023 20:56:25 GMT proxy-cache MISS server cloudflare etag W/"1687121785.0-5795-4066120343" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIOb%2BbrYIfVee4QqEp%2FmewY0lvWC0VQFI6E%2FG7EZR%2B1TDlReqvCmHO4jc01qEInIGARFOGzDM9XOr9yCdDPzw4qGYjvLwB314LHUpHpptMS3n%2BKLTg1nfpZq2vyMnZx5LltvD%2Fo%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 86acfe865e9a3a3e-FRA
GET H3	200	jquery-3.5.1.min.js Show response pay-oferta15124.pl/static/assets/js/	87 KB 32 KB	84ms 84ms	Script text/javascript	172.67.194.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-oferta15124.pl/static/assets/js/jquery-3.5.1.min.js Requested by Host: pay-oferta15124.pl URL: https://pay-oferta15124.pl/xx/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.194.241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pay-oferta15124.pl/xx/ accept-language pl-PL,pl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 05:31:27 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} antiddos x content-disposition inline; filename=jquery-3.5.1.min.js alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Jun 2023 20:56:25 GMT proxy-cache MISS server cloudflare etag W/"1687121785.0-89476-2756120789" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xfO%2Fh6fSasXtSWDUiina53qsRAQq3TlVeHGXjYwmH8M6TstNe2Icl8YSSBkSDDMA5RNGhj4sf7XmA7J1fXeCzwcjQzOngxJlk5Tt1%2FiTlPA3SLgYTrcrykfLTXgxBEZvI7Btb9I%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 86acfe865e9b3a3e-FRA
POST H3	429	/ Show response pay-oferta15124.pl/api/opensession/	31 B 442 B	68ms 68ms	XHR application/json	172.67.194.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-oferta15124.pl/api/opensession/ Requested by Host: pay-oferta15124.pl URL: https://pay-oferta15124.pl/static/assets/js/jquery-3.5.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.194.241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `307361b059268742aad27fba133adca59988e3a1803843d3f80ba5a708762a12` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language pl-PL,pl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Referer https://pay-oferta15124.pl/xx/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 05:31:27 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} proxy-cache MISS server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Y2O9DnGrm4fmtUhWMSn0ZLDdh1WeUiOSlrKEVfxZViCBj6JSiLICRMrozFtdUnA%2FsSPznoULUH0hUwnEeI4LbbRC7pS5Pnfs7aVmVQwhQKRzmx2Qn7VQnWlsHoXQrESdgSRg0s%3D"}],"group":"cf-nel","max_age":604800} content-type application/json antiddos x cf-ray 86acfe876f4d3a3e-FRA alt-svc h3=":443"; ma=86400 content-length 31
GET H3	200	favicon.png pay-oferta15124.pl/static/assets/img/	348 B 859 B	78ms 78ms	Other image/png	172.67.194.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-oferta15124.pl/static/assets/img/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.194.241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8634e6851cf0c1382758d39fe4cc63ce21d5330f6f2e7000100539f01c362e63` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://pay-oferta15124.pl/xx/ accept-language pl-PL,pl;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 27 Mar 2024 05:31:27 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} antiddos x content-disposition inline; filename=favicon.png alt-svc h3=":443"; ma=86400 content-length 348 last-modified Sun, 18 Jun 2023 20:56:26 GMT proxy-cache MISS server cloudflare etag "1687121786.0-348-951717711" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FA9zjxlztsZmnAhlcnwu65kbhy6z8hUHQW%2FzOhiuNwAD6kcPsjokL1H1WeQ1qq2dG9OzNwA1DvTbQEJDenXubu8Nts5R%2B%2Bajng0nLV1ZVql4YwjUIJ1MiTujOkFf20Flml36Emg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 86acfe876f503a3e-FRA

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pay-oferta15124.pl/	1969-12-31 23:59:59	Name: _1__bProxy_v Value: fd4c69a624bed4142c4d1d5ff8301353d8a1ccbc9594949ad0fb1c36b92f4647
			.pay-oferta15124.pl/	1969-12-31 23:59:59	Name: session_id Value: None

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay-oferta15124.pl/api/opensession/ Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pay-oferta15124.pl
172.67.194.241
307361b059268742aad27fba133adca59988e3a1803843d3f80ba5a708762a12
8634e6851cf0c1382758d39fe4cc63ce21d5330f6f2e7000100539f01c362e63
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
ccfa50d8bb5ab95a9b1f6b3a7763eb743407eaf791fd84d232b29bac65f787e7
fcc39a00e2ece672bb835dc7ae98bea58a91decd20cd12885f0c07ab0e50c1b3

pay-oferta15124.pl Open in urlscan Pro 172.67.194.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

37 kBTransfer

97 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

pay-oferta15124.pl Open in urlscan Pro
172.67.194.241 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

37 kB
Transfer

97 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions