bankpekao24.x0.com
Open in
urlscan Pro
133.242.249.28
Malicious Activity!
Public Scan
URL:
https://bankpekao24.x0.com/logowanie/
Submission: On July 01 via manual from AU — Scanned from JP
Submission: On July 01 via manual from AU — Scanned from JP
Summary
This website contacted 4 IPs
in 3 countries
across 4 domains to perform 18 HTTP transactions.
The main IP is 133.242.249.28, located in
Japan and
belongs to SAKURA-A SAKURA Internet Inc., JP.
The main domain is bankpekao24.x0.com.
TLS certificate: Issued by Gehirn Managed Certification Authorit... on April 17th 2024. Valid for: a year.
This is the only time bankpekao24.x0.com was scanned on urlscan.io!
TLS certificate: Issued by Gehirn Managed Certification Authorit... on April 17th 2024. Valid for: a year.
This is the only time bankpekao24.x0.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank Pekao (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 133.242.249.28 133.242.249.28 | 7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.) | |
| 1 | 2606:4700:440... 2606:4700:4400::6812:2844 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2404:6800:400... 2404:6800:4004:818::200a | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2404:6800:400... 2404:6800:400a:80e::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 18 | 4 |
12
133.242.249.28
(Japan)
ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www4118.sakura.ne.jp
ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www4118.sakura.ne.jp
| bankpekao24.x0.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
x0.com
bankpekao24.x0.com |
554 KB |
| 4 |
gstatic.com
fonts.gstatic.com |
55 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
1 KB |
| 1 |
fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 8521 |
29 KB |
| 18 | 4 |
| Domain | Requested by | |
|---|---|---|
| 12 | bankpekao24.x0.com |
bankpekao24.x0.com
|
| 4 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
bankpekao24.x0.com
|
| 1 | pro.fontawesome.com |
bankpekao24.x0.com
|
| 18 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.sakura.ne.jp Gehirn Managed Certification Authority - RSA DV |
2024-04-17 - 2025-05-18 |
a year | crt.sh |
| *.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-04 - 2025-01-03 |
a year | crt.sh |
| upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| *.gstatic.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bankpekao24.x0.com/logowanie/
Frame ID: 459B87FF2F6B3B30CE8B01FB147243B8
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Rachunki i karty - Bank Pekao S.A.Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
bankpekao24.x0.com/logowanie/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
bankpekao24.x0.com/logowanie/css/ |
188 KB 189 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
test.css
bankpekao24.x0.com/logowanie/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
html5shiv.min.js
bankpekao24.x0.com/logowanie/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
pro.fontawesome.com/releases/v5.10.0/css/ |
153 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lg.svg
bankpekao24.x0.com/logowanie/image/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lang.png
bankpekao24.x0.com/logowanie/image/ |
775 B 919 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ft.png
bankpekao24.x0.com/logowanie/image/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js
bankpekao24.x0.com/logowanie/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
bankpekao24.x0.com/logowanie/js/ |
61 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask.js
bankpekao24.x0.com/logowanie/js/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
back.jpg
bankpekao24.x0.com/logowanie/image/ |
162 KB 162 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fav.png
bankpekao24.x0.com/logowanie/image/ |
4 KB 4 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank Pekao (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| html5 function| $ function| jQuery number| uidEvent object| bootstrap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| bankpekao24.x0.com/ | Name: PHPSESSID Value: pn4n5q9b4jdh4060c59q0aqo00 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bankpekao24.x0.com
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
133.242.249.28
2404:6800:4004:818::200a
2404:6800:400a:80e::2003
2606:4700:4400::6812:2844
05c10f20cd146c3ae892c7a77d8b9c4a19a963a23771d98cc5af020e97e023da
0b3c05d5c1fb2bdbbf7544e19005d92567d8238dc55ad5b55dac551888cc7288
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4b00414045b4a77c61a2f3cc91ff53bf416a9b48f6d82adff942d8d8b19b5c8b
5f77db47e014746e1abb5615b3e2e20cd68fca2a3f0fab188f5bfa3272785ef1
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
8ed6247e706bd4b0c88cc0a08cec77b8fc20254aeff9731a61796e734806225e
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c0cc7e9cd1b2266276b73f9081654bf85c055dcc8c374f7c4f8ce33b898f50d8
c32687bf19e749a173f215a92d11a550dbc8fc7f97352d892d38a2119305b8ce
dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d